CVSS: 7.8EPSS: 14%CPEs: 9EXPL: 0CVE-2007-2242 – IPv6 routing headers issue
https://notcve.org/view.php?id=CVE-2007-2242
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. El protocolo IPv6 permite a atacantes remotos provocar una denegación de servicio mediante cabeceras IPv6 de enrutamiento de tipo 0 (IPV6_RTHDR_TYPE_0) lo cual provoca amplificación de la red entre dos enrutadores. • http://docs.info.apple.com/article.html?artnum=305712 http://docs.info.apple.com/article.html?artnum=306375 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://openbsd.org/errata39.html#022_route6 http://openbsd.org/errata40.html#012_route6 http://secunia.com/advisories/24978 http://secunia.com/advisories/25033 http://secunia.com/advisories/25068 http://secunia.com/advisories/25083 http://secunia.com/advisories/25288 http://secunia.com/advisories/25 •
CVSS: 3.8EPSS: 2%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/ •
CVSS: 8.5EPSS: 5%CPEs: 45EXPL: 0CVE-2007-1351 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. Desbordamiento de enteros en la función bdfReadCharacters en (1) X.Org libXfont before 20070403 y (2) freetype 2.3.2 y permite a usuarios remotos validados ejecutar código de su elección a través de fuentes manipuladas BDF, las cueles dan como resultado un desbordamiento de pila. • http://issues.foresightlinux.org/browse/FL-223 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/ • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 44%CPEs: 2EXPL: 1CVE-2007-1365 – OpenBSD 3.x/4.x - ICMPv6 Packet Handling Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1365
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. Desbordamiento de búfer en kern/uipc_mbuf2.c en OpenBSD 3.9 y 4.0 permite a atacantes remotos ejecutar código arbitrario a través de paquetes IPv6 framentados debido a "manipulación incorrecta de mbuf para paquetes ICMP6". NOTA: Esto fue reportado originalmente como una denegación de servicio. • https://www.exploit-db.com/exploits/29725 http://marc.info/?l=openbsd-cvs&m=117252151023868&w=2 http://secunia.com/advisories/24490 http://securitytracker.com/id?1017735 http://www.coresecurity.com/?action=item&id=1703 http://www.kb.cert.org/vuls/id/986425 http://www.openbsd.org/errata39.html#m_dup1 http://www.openbsd.org/errata40.html#m_dup1 http://www.osvdb.org/33050 http://www.securityfocus.com/bid/22901 http://www.securitytracker.com/id?1017744 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2007-0343
https://notcve.org/view.php?id=CVE-2007-0343
OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. OpenBSD anterior a 20070116 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de ciertos IPv6 ICMP (también conocido como ICMP6) repitiendo los paquetes de peticiones. • http://secunia.com/advisories/23830 http://securitytracker.com/id?1017518 http://www.openbsd.org/errata.html#icmp6 http://www.openbsd.org/errata39.html#icmp6 http://www.osvdb.org/32935 http://www.securityfocus.com/bid/22087 •