CVE-2015-0812
https://notcve.org/view.php?id=CVE-2015-0812
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain. Mozilla Firefox anterior a 37.0 no requiere una sesión HTTPS para las instalaciones de adición de temas ligeros, lo que permite a atacantes man-in-the-middle evadir el requerimiento de confirmación de usuario mediante el despliegue un sito web manipulado y la realización de un ataque de la falsificación de DNS contra un subdominio mozilla.org. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html http://www.mozilla.org/security/announce/2015/mfsa2015-32.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1031996 http://www.ubuntu.com/usn/USN-2550-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1128126 https://security.gentoo.org/glsa/201512-10 • CWE-17: DEPRECATED: Code •
CVE-2015-2808 – SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
https://notcve.org/view.php?id=CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. El algoritmo RC4, utilizado en el protocolo TLS y el protocolo SSL, no combina correctamente los datos de estados con los datos de claves durante la fase de inicialización, lo que facilita a atacantes remotos realizar ataques de recuperación de texto claro contra los bytes iniciales de un flujo mediante la captura de trafico de la red que ocasionalmente depende de claves afectadas por la debilidad de la invariabilidad (Invariance Weakness), y posteriormente utilizar un acercamiento de fuerza bruta que involucra valores LSB, también conocido como el problema de 'Bar Mitzvah'. • http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2014-9462
https://notcve.org/view.php?id=CVE-2014-9462
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. La función _validaterepo en sshpeer en Mercurial anterior a 3.2.4 permite a atacantes remotos ejecutar comandos arbitrarios a través de un nombre de repositorio manipulado en un comando clon. • http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00085.html http://mercurial.selenic.com/wiki/WhatsNew http://www.debian.org/security/2015/dsa-3257 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.osvdb.org/119816 https://security.gentoo.org/glsa/201612-19 • CWE-20: Improper Input Validation •
CVE-2014-8127 – libtiff: out-of-bounds read with malformed TIFF image in multiple tools
https://notcve.org/view.php?id=CVE-2014-8127
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool. LibTIFF 4.0.3 permite a atacantes remotos producir una denegación de servicio (lectura y bloqueo fuera de límites) a través de una imagen TIFF en la función (1) checkInkNamesString en tif_dir.c en la herramienta thumbnail, la función (2) compressioncontig en Tiff2bw.c en la herramienta tiff2bw, la función (3) putcontig8bitCIELab en tif_getimage.c en la herramienta tiff2rgba, las funciones LZWPreDecode en tif_lzw.c (4) tiff2ps o (5) la herramienta tiffdither , en la función (6) NeXTDecode en tif_next.c en la herramienta tiffmedian, o en la función (7) TIFFWriteDirectoryTagLongLong8Array en tif_dirwrite.c en la herramienta tiffset. • http://bugzilla.maptools.org/show_bug.cgi?id=2484 http://bugzilla.maptools.org/show_bug.cgi?id=2485 http://bugzilla.maptools.org/show_bug.cgi?id=2486 http://bugzilla.maptools.org/show_bug.cgi?id=2496 http://bugzilla.maptools.org/show_bug.cgi? • CWE-125: Out-of-bounds Read •
CVE-2014-9114
https://notcve.org/view.php?id=CVE-2014-9114
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. Blkid en util-linux en versiones anteriores a 2.26rc-1 permite a usuarios locales ejecutar código arbitrario. • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145188.html http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146229.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00035.html http://www.openwall.com/lists/oss-security/2014/11/26/21 http://www.securityfocus.com/bid/71327 https://bugzilla.redhat.com/show_bug.cgi?id=1168485 https://exchange.xforce.ibmcloud.com/vulnerabilities/98993 https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •