
CVSS: 6.8 EPSS: 1% CPEs: 57 EXPL: 0

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html http://secunia.com/advisories/28359 http://secunia.com/advisories/28376 http://secunia.com/advisories/28437 http://secunia.com/advisories/28438 http://secunia.com/advisories/28454 http://secunia.com/advisories/28455 http://secunia.com/advisories/28464 http://secunia.com/advisories/28477 http://secunia.com/advisories/28479 http:/&#x

• CWE-189: Numeric Errors; CWE-190: Integer Overflow or Wraparound

CVSS: 4.3 EPSS: 3% CPEs: 2 EXPL: 0

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

• http://secunia.com/advisories/27207 http://secunia.com/advisories/27295 http://secunia.com/advisories/27801 http://secunia.com/advisories/27806 http://secunia.com/advisories/29070 http://secunia.com/advisories/30129 http://secunia.com/advisories/30535 http://secunia.com/advisories/34297 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1 http://www.attrition.org/pipermail/vim/2007-October/001826.html http://www.debian.org/security/2007/dsa-1415 http://w

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 EPSS: 33% CPEs: 3 EXPL: 0

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.

• http://bugs.gentoo.org/show_bug.cgi?id=192539 http://secunia.com/advisories/26942 http://secunia.com/advisories/27086 http://secunia.com/advisories/27182 http://secunia.com/advisories/27207 http://secunia.com/advisories/27229 http://secunia.com/advisories/27295 http://secunia.com/advisories/29069 http://secunia.com/advisories/34297 http://security.gentoo.org/glsa/glsa-200710-07.xml http://sourceforge.net/project/shownotes.php?release_id=541207 http://www.attrition.org/p

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.2 EPSS: 0% CPEs: 1 EXPL: 0

Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths.

• http://osvdb.org/36528 http://secunia.com/advisories/25401 http://sourceforge.net/project/shownotes.php?group_id=10894&release_id=503937 http://sourceforge.net/tracker/index.php?func=detail&aid=1682211&group_id=10894&atid=110894 https://exchange.xforce.ibmcloud.com/vulnerabilities/34515