CVSS: 9.3EPSS: 50%CPEs: 7EXPL: 0CVE-2009-2949 – openoffice.org: integer overflow in XPM processing
https://notcve.org/view.php?id=CVE-2009-2949
15 Feb 2010 — Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow. Desbordamiento de enteros en la función XPMReader::ReadXPM en filter.vcl/ixpm/svt_xpmread.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos ejecutar código de su elección a través de un fichero XPM manipulado que provoca un desbordamiento de buffer basa... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 23%CPEs: 7EXPL: 0CVE-2009-2950 – openoffice.org: GIF file parsing heap overflow
https://notcve.org/view.php?id=CVE-2009-2950
15 Feb 2010 — Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. Desbordamiento de búfer basado en pila en la función GIFLZWDecompressor::GIFLZWDecompressor en filter.vcl/lgif/decode.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una dene... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2010-0307 – Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service
https://notcve.org/view.php?id=CVE-2010-0307
15 Feb 2010 — The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function. La función load_elf_binary en fs/binfmt_elf.c en el ke... • https://www.exploit-db.com/exploits/33585 •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2009-4013 – Debian Linux Security Advisory 1979-1
https://notcve.org/view.php?id=CVE-2009-4013
27 Jan 2010 — Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems. Múltiples vulnerabilidades de salto de directorio en Lintian v1.23.x anterior a v1.23.28, v1.24.x anterior a v1.24.2.1, y v2.x anterior a v2.3.2 permite a atacantes remotos sobreescribir ar... • http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 72%CPEs: 18EXPL: 2CVE-2009-4484 – MySQL - yaSSL CertDecoder::GetName Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-4484
30 Dec 2009 — Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the ... • https://www.exploit-db.com/exploits/16850 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2009-3080 – kernel: gdth: Prevent negative offsets in ioctl
https://notcve.org/view.php?id=CVE-2009-3080
20 Nov 2009 — Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. Error de indice de matriz en la función gdth_read_event en drivers/scsi/gdth.c en el kernel de Linux antes de v2.6.32-RC8 permite a usuarios locales provocar una denegación de servicio o posiblemente obtener privilegios a través de un índice de evento negativo en una solicitud... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •
CVSS: 7.5EPSS: 9%CPEs: 14EXPL: 0CVE-2009-3553 – cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface
https://notcve.org/view.php?id=CVE-2009-3553
20 Nov 2009 — Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. Vulnerabilidad de uso anterior a la liberación en el d... • http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 1CVE-2009-3939 – kernel: megaraid_sas permissions in sysfs
https://notcve.org/view.php?id=CVE-2009-3939
16 Nov 2009 — The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. El fichero poll_mode_io para el controlador megaraid_sas en el kernel de Linux v2.6.31.6 y anteriores tiene permisos de escritura para todos, permitiendo a usuarios locales cambiar el modo de E/S del dispositivo modificando este fichero. Kernel packages have been updated. It was discovered that the AX.... • http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2009-3725 – Debian Linux Security Advisory 2012-1
https://notcve.org/view.php?id=CVE-2009-3725
06 Nov 2009 — The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems. La capa de conector en el kernel Linux versiones anteriores a v2.6.31.5 no requiere de la capacidad CAP_SYS_ADMIN para ciertas interacciones de los subsistemas (1) uvesafb, (2) pohmelfs, (3) d... • http://marc.info/?l=linux-kernel&m=125449888416314&w=2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 4%CPEs: 21EXPL: 9CVE-2009-3555 – TLS - Renegotiation
https://notcve.org/view.php?id=CVE-2009-3555
06 Nov 2009 — The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other... • https://packetstorm.news/files/id/84112 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •