CVE-2017-7528
https://notcve.org/view.php?id=CVE-2017-7528
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that the X-Forwarded-For header allows internal servers to deploy other systems (using callback).
• http://www.securityfocus.com/bid/105143 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7528
• CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CVE-2018-10884
https://notcve.org/view.php?id=CVE-2018-10884
Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.
• http://www.securityfocus.com/bid/105136 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10884
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2015-9262 – libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c
https://notcve.org/view.php?id=CVE-2015-9262
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
• https://access.redhat.com/errata/RHSA-2018:3059 https://access.redhat.com/errata/RHSA-2018:3505 https://bugs.freedesktop.org/show_bug.cgi?id=90857 https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=897213f36baf6926daf6d192c709cf627aa5fd05 https://lists.debian.org/debian-lts-announce/2018/08/msg00016.html https://usn.ubuntu.com/3729-1 https://access.redhat.com/security/cve/CVE-2015-9262 https://bugzilla.redhat.com/show_bug.cgi?id=1611599
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow
CVE-2018-14682 – libmspack: off-by-one error in the TOLOWER() macro for CHM decompression
https://notcve.org/view.php?id=CVE-2018-14682
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
• http://www.openwall.com/lists/oss-security/2018/07/26/1 http://www.securitytracker.com/id/1041410 https://access.redhat.com/errata/RHSA-2018:3327 https://access.redhat.com/errata/RHSA-2018:3505 https://bugs.debian.org/904800 https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8 https://lists.debian.org/debian-lts-announce/2018/08/msg00007.html https://security.gentoo.org/glsa/201903-20 https://usn.ubuntu.com/3728-1 https://usn.ubuntu.com/3728-2
• CWE-193: Off-by-one Error
CVE-2018-14680 – libmspack: off-by-one error in the CHM chunk number validity checks
https://notcve.org/view.php?id=CVE-2018-14680
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
• http://www.openwall.com/lists/oss-security/2018/07/26/1 http://www.securitytracker.com/id/1041410 https://access.redhat.com/errata/RHSA-2018:3327 https://access.redhat.com/errata/RHSA-2018:3505 https://bugs.debian.org/904801 https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a https://lists.debian.org/debian-lts-announce/2018/08/msg00007.html https://security.gentoo.org/glsa/201903-20 https://usn.ubuntu.com/3728-1 https://usn.ubuntu.com/3728-2
• CWE-20: Improper Input Validation CWE-193: Off-by-one Error