Page 10 of 93 results (0.013 seconds)

CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716. La protección de desbordamiento en Expat es eliminada por los compiladores con ciertos ajustes de optimización, lo que permite a atacantes remotos provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de datos XML manipulados. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-1283 y CVE-2015-2716. • http://www.securityfocus.com/bid/91528 http://www.ubuntu.com/usn/USN-3013-1 https://bugzilla.redhat.com/show_bug.cgi?id=1344251 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://security.gentoo.org/glsa/201701-21 https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde https://www.tenable.com/security/tns-2016-20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.9EPSS: 0%CPEs: 26EXPL: 0

The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. La función ssl.match_hostname en CPython (también concida como Python) en versiones anteriores a 2.7.9 y 3.x en versiones anteriores a 3.3.3 no maneja correctamente comodines en los nombres de host, lo que podría permitir a atacantes man-in-the-middle suplantar servidores a través de un certificado manipulado. Multiple flaws were found in the way Python's SSL module performed matching of certificate names containing wildcards. A remote attacker able to obtain a valid certificate that contained certain names with wildcards could have them incorrectly accepted by Python SSL clients, not following the RFC 6125 recommendations. • http://seclists.org/oss-sec/2015/q2/483 http://seclists.org/oss-sec/2015/q2/523 http://www.securityfocus.com/bid/74707 https://access.redhat.com/errata/RHSA-2016:1166 https://bugs.python.org/issue17997 https://bugzilla.redhat.com/show_bug.cgi?id=1224999 https://hg.python.org/cpython/rev/10d0edadbcdd https://access.redhat.com/security/cve/CVE-2013-7440 • CWE-19: Data Processing Errors •

CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. Expat permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento de entrada mal formado, lo que desencadena un desbordamiento de buffer. An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point." Vulnerabilidad de busqueda de ruta no confiable en python.exe en Python hasta la versión 3.5.0 en Windows, permite a usuarios locales obtener privilegios a través de un Troyano en el archivo readline.pyd en el directorio de trabajo actual. NOTA: el vendedor afirma 'Está determinado que es un comportamiento antiguo de Python que en realidad no puede ser alterado en estos momentos'. • http://jvn.jp/en/jp/JVN49503705/995204/index.html http://jvn.jp/en/jp/JVN49503705/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000141 http://www.securityfocus.com/bid/76929 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755 •

CVSS: 6.8EPSS: 3%CPEs: 27EXPL: 0

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros productos permite a atacantes remotos causar una denegación de servicio mediante un desbordamiento de buffer basado en memoria dinámica o, posiblemente tener otro impacto no especificado a través de datos XML manipulados, un tema relacionado con CVE-2015-2716. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •