Page 12 of 87 results (0.007 seconds)

CVSS: 10.0EPSS: 13%CPEs: 65EXPL: 0

Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file. Desbordamiento de búfer en la función exif_read_data de PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos ejecutar código arbitrario mediante un nombre de sección largo en un fichero de imagen. • http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:151 http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html http://www.php.net/release_4_3_10.php http://www.redhat.com/support/errata/RHSA-2004-687.html http://www.redhat.com/support/errata/RHSA-2005-032.html http://www.securityfocus.com/advisories/9028 https://bugzilla.fedora.us/show_bug.cgi?id=2344 https://exchange.xforce.ibm •

CVSS: 6.4EPSS: 0%CPEs: 32EXPL: 0

Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. El controlador Direct Rendering Manager (DRM) en el kernel de Linux 2.06 no comprueba adecuadamente el bloqueo DMA, lo que podría permitir a atacantes remotos o usuarios locales causar una denegación de servicio (caída del servidor X) y posiblemente modificar la salida de video. • http://secunia.com/advisories/17002 http://www.redhat.com/support/errata/RHSA-2005-092.html http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.vupen.com/english/advisories/2005/1878 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce.ibmcloud.com/vulnerabilities/15972 https://oval.cisecurity.org/repository/search/definition/oval •

CVSS: 2.1EPSS: 0%CPEs: 98EXPL: 2

The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. La función scm_send de la capa scm de los kernel de Linux 2.4.x hasta 2.4.28 y 2.6.x hasta 2.6.9 permite a usuarios locales causar una denegación de servicio (cuelgue del sistema) mediante mensajes auxiliares artesanales que son pasados a la función sendmsg, lo que produce una condición de bloqueo mutuo. • https://www.exploit-db.com/exploits/685 http://isec.pl/vulnerabilities/isec-0019-scm.txt http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security/2006/dsa-1082 http://www.mandriva.com/security/advisories?name=MDKSA& •

CVSS: 10.0EPSS: 33%CPEs: 98EXPL: 1

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. • https://www.exploit-db.com/exploits/686 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://isec.pl/vulnerabilities/isec-0018-igmp.txt http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.novell.com/linux/security/advisories/2004_44_kernel.html http://www.redhat.com/support/errata/RHSA-2005-092.html https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce. •

CVSS: 10.0EPSS: 3%CPEs: 22EXPL: 0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. Error de fuera-por-uno en la función myasl_canon_user en Cyrus IMAP Server 2.2.9 y anteriores conduce a un desbordamiento de búfer, lo que puede permitir a atacantes remotos ejecutar código de su elección mediante el nombre de usuario. • http://asg.web.cmu.edu/cyrus/download/imapd/changes.html http://www.securityfocus.com/bid/11738 https://exchange.xforce.ibmcloud.com/vulnerabilities/18333 https://www.ubuntu.com/usn/usn-37-1 •