NotCVE - vendor:"Inria"

3 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2011-4119

https://notcve.org/view.php?id=CVE-2011-4119

caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install. caml-light versiones anteriores a 0.75 incluyéndola, usa la función mktemp() de forma no segura, y también hace cosas no seguras en /tmp durante la instalación de make • http://gnats.netbsd.org/45558 https://seclists.org/oss-sec/2011/q4/249 https://vuxml.freebsd.org/freebsd/9dde9dac-08f4-11e1-af36-003067b2972c.html • CWE-377: Insecure Temporary File •

CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0

CVE-2012-0839

https://notcve.org/view.php?id=CVE-2012-0839

OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. oCaml v3.12.1 y anteriores calcula los valores de hash sin restringir la capacidad para activar las colisiones hash predecibles, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (consumo de CPU) a través de entrada modificada a una aplicación que mantiene una tabla hash. • http://openwall.com/lists/oss-security/2012/02/07/1 http://openwall.com/lists/oss-security/2012/02/07/2 http://secunia.com/advisories/47853 http://www.mail-archive.com/caml-list%40inria.fr/msg01477.html http://www.mail-archive.com/caml-list%40inria.fr/msg01478.html http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

CVE-2009-3296

https://notcve.org/view.php?id=CVE-2009-3296

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows. Múltiples desbordamientos de entero en tiffread.c en CamlImages v2.2 permitiría a atacantes remotos ejecutar código arbitrario a través de imágenes TIFF que contengan valores muy grandes de alto y ancho que inician un desbordamiento de búfer basado en pila. • http://secunia.com/advisories/37067 http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.2.0-4+lenny3.diff.gz http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20-8+etch3.diff.gz http://www.debian.org/security/2009/dsa-1912 http://www.securityfocus.com/bid/36713 • CWE-189: Numeric Errors •