CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 7CVE-2010-3870 – PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation
https://notcve.org/view.php?id=CVE-2010-3870
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. La función utf8_decode en PHP anterior v5.3.4 no maneja adecuadamente la codificación UTF-8 corta y las secuencias malformadas en los datos UTF-8, lo que hace fácil para los atacantes remotos superar los mecanismos de protección en la secuencia de comandos en sitios cruzados (XSS) e inyección de SQL a través de cadenas manipuladas. • https://www.exploit-db.com/exploits/34950 http://bugs.php.net/bug.php?id=48230 http://bugs.php.net/bug.php?id=49687 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http:&# • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 69%CPEs: 26EXPL: 0CVE-2010-2941 – cups: cupsd memory corruption vulnerability
https://notcve.org/view.php?id=CVE-2010-2941
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. ipp.c en cupsd en CUPS v1.4.4 y anteriores no asigna correctamente memoria para valores de atributo con tipos de datos de cadena inválidos, permitiendo a atacantes remotos provocar una denegación de servicio (uso después de liberación y caída de la aplicación) o posiblemente ejecutar código arbitrario mediante una solicitud IPP manipulada. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://rhn.redhat.com/errata/RHSA&# • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2010-3436
https://notcve.org/view.php?id=CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. fopen_wrappers.c en PHP v5.3.x hasta v5.3.3 podría permitir a atacantes remotos evitar las restricciones open_basedir a través de vectores relativos a la longitud del nombre de usuario. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://secunia.com/advisories/42729 http://secunia.com/advisories/42812 http://security-tracker.debian.org/tracker/CVE-2010-3436 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 2CVE-2010-3709 – PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2010-3709
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. La función ZipArchive::getArchiveCommen en PHP v5.2.x hasta v5.2.14 y v5.3.3 hasta v5.3.x permite a atacantes dependientes de contexto para provocar una denegación de servicio (desreferencia a puntero NULL y caída de la aplicación) a través de un archivo ZIP manipulado. PHP versions 5.3.3 and 5.2.14 suffer from a ZipArchive::getArchiveComment NULL pointer dereference vulnerability. • https://www.exploit-db.com/exploits/15431 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://secunia.com/advisories/42729 http://secunia.com/advisories/42812 http://securityreason.com/achievement_s • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 13EXPL: 3CVE-2010-2963 – Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite
https://notcve.org/view.php?id=CVE-2010-2963
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. drivers/media/video/v4l2-compat-ioctl32.c en la implementación de Video4Linux (V4L) en kernel de Linux anteriores a v2.6.36 en plataformas de 64 bits no valida el destino de una operación de copia de memoria, lo cual permite a usuarios locales escribir en lugares de memoria del núcleo a su elección, y en consecuencia obtener privilegios, a través de una llamada VIDIOCSTUNER ioctl en un dispositivo /dev/video, seguida por una llamada VIDIOCSMICROCODE ioctl en este dispositivo. • https://www.exploit-db.com/exploits/15344 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e645d6b485446c54c6745c5e2cf5c528fe4deec http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html http://secunia.com/advisories/42745 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org&#x • CWE-20: Improper Input Validation •