CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-0913 – Kernel: drm/i915: heap writing overflow
https://notcve.org/view.php?id=CVE-2013-0913
18 Mar 2013 — Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition. Desbordamiento de entero en drivers/gpu/drm/i915/i91... • http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 6%CPEs: 30EXPL: 0CVE-2013-2555 – Adobe Flash RTMP Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2555
11 Mar 2013 — Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. Adobe Flash Player v11.6.602.171 en... • http://archives.neohapsis.com/archives/bugtraq/2013-04/0197.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2013-2482
https://notcve.org/view.php?id=CVE-2013-2482
07 Mar 2013 — The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. EL disertor AMPQ en Wireshark v1.6.x antes de v1.6.14 y v1.8.x antes de v1.8.6 permite a atacantes remotos causar una denegación de servicios (bucle infinito) a través de paquetes malformados. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2013-2476
https://notcve.org/view.php?id=CVE-2013-2476
07 Mar 2013 — The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. La función dissect_hartip en epan/disectores/hartip.c del disector paquetes en HART/IP en Wireshark v1.8.x antes de v1.8.6 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un paquete con un encabezado que es demasiado corto. • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-hartip.c?r1=47778&r2=47777&pathrev=47778 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2013-2480
https://notcve.org/view.php?id=CVE-2013-2480
07 Mar 2013 — The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Los disertores RTPS y TTPS2 en Wireshark v1.6.x antes de v1.6.14 y v1.8.x antes de v1.8.6 permite a atacantes remotos causar una denegación de servicios (caída de aplicación) a través de paquetes malformados. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2013-2477
https://notcve.org/view.php?id=CVE-2013-2477
07 Mar 2013 — The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. El disector CSN.1 en Wireshark v1.8.x anterior a v1.8.6 no gestiona correctamente los punteros a fución, permitiendo a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc?view=revision&revision=47888 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 11EXPL: 0CVE-2013-2487
https://notcve.org/view.php?id=CVE-2013-2487
07 Mar 2013 — epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo,... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-reload.c?r1=47808&r2=47807&pathrev=47808 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-2485
https://notcve.org/view.php?id=CVE-2013-2485
07 Mar 2013 — The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. El disector FCSP en Wireshark v1.6.x anterior a v1.6.14 y v1.8.x anterior a v1.8.6 permite a atacantes remotos causar una denegación de servicio (bucle infinito) mediante un paquete malformado. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2013-2481
https://notcve.org/view.php?id=CVE-2013-2481
07 Mar 2013 — Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. Error de entero sin signo en la función dissect_mount_dirpath_call en el disector Mount en Wireshark v1.6.x anterior a v1.6.14 y v1.8.x anterior a v1.8.6 cuando nfs_file_name_snooping está... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mount.c?r1=47672&r2=47671&pathrev=47672 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 3%CPEs: 25EXPL: 0CVE-2013-2488
https://notcve.org/view.php?id=CVE-2013-2488
07 Mar 2013 — The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. El disector DTLS en Wireshark v1.6.x anterior a v1.6.14 y v1.8.x anterior a v1.8.6 no valida el offset del fragmento antes de invocar el estado de la máquina, permitiendo a atacantes remotos ... • http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011 • CWE-20: Improper Input Validation •