CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2016-1610 – Micro Focus Filr 2 2.0.0.421/1.2 1.2.0.846 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name. Vulnerabilidad de salto de directorio en la característica email-template en Novell Filr en versiones anteriores a 1.2 Security Update 3 y 2.0 en versiones anteriores a Security Update 2 permite a atacantes remotos eludir restricciones destinadas al acceso y escribir a archivos arbitrarios a través de .. (punto punto) en un nombre del blob. Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/40161 http://seclists.org/bugtraq/2016/Jul/119 http://www.securityfocus.com/bid/92113 https://download.novell.com/Download?buildid=3V-3ArYN85I~ https://download.novell.com/Download?buildid=BOTiHcBFfv0~ https://www.novell.com/support/kb/doc.php?id=7017788 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-1611 – Micro Focus Filr 2 2.0.0.421/1.2 1.2.0.846 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands. Novell Filr 1.2 en versiones anteriores a Hot Patch 6 y 2.0 en versiones anteriores a Hot Patch 2 usa permisos de escritura universal para /etc/profile.d/vainit.sh, lo que permite a usuarios locales obtener privilegios reemplazando este contenido del archivo con comandos shell arbitrarios. Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/40161 http://seclists.org/bugtraq/2016/Jul/119 http://www.securityfocus.com/bid/92113 https://www.novell.com/support/kb/doc.php?id=7017689 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2015-8919 – libarchive: Heap out of bounds read in LHA/LZH parser
https://notcve.org/view.php?id=CVE-2015-8919
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. La función lha_read_file_extended_header en archive_read_support_format_lha.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (memoria dinámica fuera de rango) a través de un archivo (1) lzh o (2) lha manipulado. A vulnerability was found in libarchive. A specially crafted LZA/LZH file could cause a small out-of-bounds read, potentially disclosing a few bytes of application memory. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91302 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 1%CPEs: 8EXPL: 0CVE-2015-8920 – libarchive: Stack out of bounds read in ar parser
https://notcve.org/view.php?id=CVE-2015-8920
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. La función lha_ar_read_header en archive_read_support_format_ar.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (lectura de pila fuera de rango) a través de un archivo ar manipulado. A vulnerability was found in libarchive. A specially crafted AR archive could cause the application to read a single byte of application memory, potentially disclosing it to the attacker. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://rhn.redhat.com/errata/RHSA-2016-1850.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91301 http://www.ubuntu. • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 8EXPL: 0CVE-2015-8921 – libarchive: Global out of bounds read in mtree parser
https://notcve.org/view.php?id=CVE-2015-8921
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. La función ae_strtofflags en archive_entry.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo mtree manipulado. A vulnerability was found in libarchive. A specially crafted mtree file could cause libarchive to read beyond a statically declared structure, potentially disclosing application memory. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://rhn.redhat.com/errata/RHSA-2016-1850.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91307 http://www.ubuntu. • CWE-125: Out-of-bounds Read •