CVSS: 5.0EPSS: 0%CPEs: 22EXPL: 1CVE-2014-9675 – freetype: information leak in _bdf_add_property()
https://notcve.org/view.php?id=CVE-2014-9675
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font. bdf/bdflib.c en FreeType anterior a 2.5.4 identifica los nombres de propiedades con solamente verificar que una subcadena inicial esté presente, lo que permite a atacantes remotos descubrir valores de punteros de la memoria dinámica y evadir el mecanismo de protección ASLR a través de una fuente BDF manipulada. • http://advisories.mageia.org/MGASA-2015-0083.html http://code.google.com/p/google-security-research/issues/detail?id=151 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html http://rhn.redhat.com/errata/RHSA-2015-0696.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2015-0247
https://notcve.org/view.php?id=CVE-2015-0247
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. Desbordamiento de buffer basado en memoria dinámica en openfs.c en la libraría libext2fs en e2fsprogs anterior a 1.42.12 permite a usuarios locales ejecutar código arbitrario a través de datos manipulados del descriptor de grupos en bloque en una imagen del sistema de ficheros. • http://advisories.mageia.org/MGASA-2015-0061.html http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149434.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00010.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 20%CPEs: 8EXPL: 0CVE-2014-9636 – unzip: out-of-bounds read/write in test_compr_eb() in extract.c
https://notcve.org/view.php?id=CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. unzip 6.0 permite a atacantes remotos causar una denegación de servicio (lectura o escritura fuera de rango y caída) a través de un campo extra con un tamaño comprimido más pequeño que el tamaño del campo comprimido en un archivo zip que anuncia la compresión del método almacenado (STORED). A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148849.html http://seclists.org/oss-sec/2014/q4/1131 http://seclists.org/oss-sec/2014/q4/489 http://seclists.org/oss-sec/2014/q4/496 http://seclists.org/oss-sec/2015/q1/216 http://secunia.com/advisories/62738 http://secunia.com/advisories/62751 http://www.debian.org/security/2015/dsa-3152 http://www.info-zip.o • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2015-0400
https://notcve.org/view.php?id=CVE-2015-0400
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Libraries. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securi •
CVSS: 5.4EPSS: 0%CPEs: 29EXPL: 0CVE-2015-0383 – OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
https://notcve.org/view.php?id=CVE-2015-0383
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a usuarios locales afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announc • CWE-377: Insecure Temporary File •