CVE-2014-9761 – glibc: Unbounded stack allocation in nan* functions
https://notcve.org/view.php?id=CVE-2014-9761
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. Múltiples desbordamientos de buffer basado en pila en la GNU C Library (también conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes dependientes del contexto causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbirario a través de un argumento largo en la función (1) nan, (2) nanf o (3) nanl. A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html http://packetstormsecurity.com/files/153278/WAGO-852-Industria • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-8778 – glibc: Integer overflow in hcreate and hcreate_r
https://notcve.org/view.php?id=CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access. Desbordamiento de entero en la GNU C Library (también conocida como glibc o libc6) en versiones anteriores a 2.23 permite a atacantes dependientes del contexto causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través del argumento size a la función the __hcreate_r, lo que desencandena el acceso fuera de rango a memoria dinámica. An integer overflow vulnerability was found in hcreate() and hcreate_r() functions which could result in an out-of-bounds memory access. This could lead to application crash or, potentially, arbitrary code execution. Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html http://packetstormsecurity.com/files/154361/Cisco-Device-Hardc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVE-2015-8776 – glibc: Segmentation fault caused by passing out-of-range data to strftime()
https://notcve.org/view.php?id=CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value. La función strftime en la GNU C Library (también conocida como glibc o libc6) en versiones anteriores a 2.23 permite a atacantes dependientes del contexto causar una denegación de servicio (caída de aplicación) o posiblemente obtener información sensible a través de un valor de tiempo fuera de rango. It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html http://rhn.redhat.com/errata/RHSA-2017-0680.html http • CWE-189: Numeric Errors •
CVE-2015-2709
https://notcve.org/view.php?id=CVE-2015-2709
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación de Mozilla Firefox anterior a 38.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://rhn.redhat.com/errata/RHSA-2015-1012.html http://www.mozilla.org/security/announce/2015/mfsa2015-46.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/74615 http://www.ubuntu.com/usn/USN-2602-1 https:/ •
CVE-2015-2712
https://notcve.org/view.php?id=CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript. La implementación asm.js en Mozilla Firefox anterior a 38.0 no determina correctamente las longitudes de la memoria dinámica durante la identificación de casos en que la comprobación de límites puede saltarse con seguridad, lo que permite a atacantes remotos provocar operaciones de escritura fuera de rango y posiblemente obtener información sensible de la memoria de procesos a través de JavaScript manipulado. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://www.mozilla.org/security/announce/2015/mfsa2015-50.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/74611 http://www.ubuntu.com/usn/USN-2602-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •