CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2010-3450 – OpenOffice.org: directory traversal flaws in handling of XSLT jar filter descriptions and OXT extension files
https://notcve.org/view.php?id=CVE-2010-3450
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. Múltiples vulnerabilidades de salto de directorio en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3, permite a atacantes remotos añadir y ejecutar comandos de su elección a través de .. (punto punto) en el parámetro "site" a (1) index.php y (2) admin.php. • http://osvdb.org/70711 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 http://www.openoffice.org • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 1CVE-2011-0480
https://notcve.org/view.php?id=CVE-2011-0480
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. Múltiples desbordamientos de búfer en el decodificador Vorbis en Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 permiten a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550 http://code.google.com/p/chromium/issues/detail?id=68115 http://codereview.chromium.org/5964011 http://codereview.chromium.org/6069005 http://ffmpeg.mplayerhq.hu http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70463 http://roundup.ffmpeg. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0CVE-2010-4180 – openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack
https://notcve.org/view.php?id=CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. OpenSSL en versiones anteriores a 0.9.8q y 1.0.x en versiones anteriores a 1.0.0c, cuando SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG está habilitado, no previene adecuadamente la modificación del conjunto de cifrado en la caché de sesión, lo que permite a atacantes remotos forzar la degradación para un cifrado no destinado a través de vectores que involucran rastreo de tráfico de red para descubrir un identificador de sesión. • http://cvs.openssl.org/chngview?cn=20131 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html& •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3849 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3849
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. La función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando se configura una dirección econet, permite a usuarios locales causar una denegación de servicio (desreferencia a puntero NULL y OOPS) a través de una llamada sendmsg que especifica un valor NULL para el campo de dirección remota. • https://www.exploit-db.com/exploits/15704 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa0e846494792e722d817b9d3d625a4ef4896c96 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://openwall.com/lists/oss-security/2010/11 • CWE-476: NULL Pointer Dereference •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 2CVE-2010-3850 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3850
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. La función ec_dev_ioctl en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2 no requiere la capacidad CAP_NET_ADMIN, que permite a usuarios locales evitar las restricciones de acceso y configurar las direcciones econet a través de una llamada SIOCSIFADDR ioctl. • https://www.exploit-db.com/exploits/15704 https://www.exploit-db.com/exploits/17787 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http&# •