CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2012-0876 – expat: hash table collisions CPU usage DoS
https://notcve.org/view.php?id=CVE-2012-0876
28 Mar 2012 — The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. El analizador XML (xmlparse.c) en expat antes de v2.1.0 calcula los valores de hash sin restringir la capacidad de desencadenar colisiones hash de forma predecible, lo que permite causar una denegación de servicio (por con... • http://bugs.python.org/issue13703#msg151870 • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 1CVE-2012-0037 – raptor: XML External Entity (XXE) attack via RDF files
https://notcve.org/view.php?id=CVE-2012-0037
23 Mar 2012 — Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. Redland Raptor (también conocido como libraptor) anterior a v2.0.7, utilizado por OpenOffice v3.3 y v3.4 Beta, LibreOffice anterior a v3.4.6 y v3.5.x anterior a v3.5.1, y otros productos, permite a atacantes re... • http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.8EPSS: 5%CPEs: 18EXPL: 0CVE-2011-3045 – libpng: buffer overflow in png_inflate caused by invalid type conversions
https://notcve.org/view.php?id=CVE-2011-3045
21 Mar 2012 — Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. El error de signo de entero en pngrutil.c en libpng antes v1.4.10beta01, tal y como se utiliza en Google Chrome antes de v17.0.963.83 y otros productos, permite a atacantes... • http://code.google.com/p/chromium/issues/detail?id=116162 • CWE-190: Integer Overflow or Wraparound CWE-195: Signed to Unsigned Conversion Error •
CVSS: 8.8EPSS: 4%CPEs: 17EXPL: 0CVE-2012-0247 – ImageMagick: invalid validation of images denial of service
https://notcve.org/view.php?id=CVE-2012-0247
06 Mar 2012 — ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. ImageMagick v6.7.5-7 y anteriores permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código de su elección a través de desplazamientos (offsets) modificados y contar valores en la etiqueta ResolutionUnit en el EXIF IFD0 ... • http://rhn.redhat.com/errata/RHSA-2012-0544.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2012-0248 – ImageMagick: invalid validation of images denial of service
https://notcve.org/view.php?id=CVE-2012-0248
06 Mar 2012 — ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. ImageMagick v6.7.5-7 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito y bloqueo) a través de una imagen hecha a mano, cuya IFD contiene etiquetas IOP que referencian al principio del IDF. Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-... • http://rhn.redhat.com/errata/RHSA-2012-0544.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 32EXPL: 0CVE-2012-0867 – postgresql: MITM due improper x509_v3 CN validation during certificate verification
https://notcve.org/view.php?id=CVE-2012-0867
28 Feb 2012 — PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters. PostgreSQL v8.4.x antes de v8.4.11, v9.0.x antes de v9.0.7, y v9.1.x antes de v9.1.3 trunca el nombre común a sólo 32 caracteres en la verificación de los certificados SSL, lo que permite a atacantes remotos falsificar conexiones cuando el nombre de host es ex... • http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation •
CVSS: 5.3EPSS: 76%CPEs: 16EXPL: 2CVE-2012-0053 – Apache - httpOnly Cookie Disclosure
https://notcve.org/view.php?id=CVE-2012-0053
28 Jan 2012 — protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. protocol.c en Apache HTTP Server v2.2.x hasta la v2.2.21 no limita adecuadamente la información de cabecera durante la construcción de mensajes de error Bad Request (errores 400)... • https://packetstorm.news/files/id/109284 •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 2CVE-2012-0031 – Apache 2.2 - Scoreboard Invalid Free On Shutdown
https://notcve.org/view.php?id=CVE-2012-0031
18 Jan 2012 — scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. scoreboard.c en Apache HTTP Server v2.2.21 y anteriores puede permitir a usuarios locales provocar una denegación de servicio (caída del demonio durante el apagado) o posiblemente, tener un impacto no e... • https://www.exploit-db.com/exploits/41768 •
CVSS: 9.8EPSS: 2%CPEs: 11EXPL: 0CVE-2011-3919 – libxml2: Heap-based buffer overflow when decoding an entity reference with a long name
https://notcve.org/view.php?id=CVE-2011-3919
07 Jan 2012 — Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de pila basado en memoria dinámica (monticulo) en libxml2, tal y como se utiliza en Google Chrome antes de v16.0.912.75, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. OS X Lion v10.7.4 and Securi... • http://code.google.com/p/chromium/issues/detail?id=107128 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2011-3905 – libxml2 out of bounds read
https://notcve.org/view.php?id=CVE-2011-3905
13 Dec 2011 — libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. libxml2, cuando es usado en Google Chrome anterior a v16.0.912.63, permite a atacantes remotos causar una denegación de servicio (lectura fuera de límite) a través de vectores de ataque no determinados. The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way l... • http://code.google.com/p/chromium/issues/detail?id=95465 • CWE-125: Out-of-bounds Read •