CVE-2015-2580
https://notcve.org/view.php?id=CVE-2015-2580
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.2, permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con NFSv4. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75889 http://www.securitytracker.com/id/1032914 •
CVE-2015-4770
https://notcve.org/view.php?id=CVE-2015-4770
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to UNIX filesystem. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.2, permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con el sistema de archivos UNIX. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/bid/75880 http://www.securitytracker.com/id/1032914 •
CVE-2015-0471
https://notcve.org/view.php?id=CVE-2015-0471
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libelfsign. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.2 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocido relacionados con libelfsign. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html http://www.securityfocus.com/bid/74138 http://www.securitytracker.com/id/1032132 •
CVE-2014-9512
https://notcve.org/view.php?id=CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. rsync 3.1.1 permite a atacantes remotos escribir a ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en la ruta de sincronización. • http://lists.opensuse.org/opensuse-updates/2015-02/msg00041.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00095.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00112.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/76093 http://www.securitytracker.com/id/1034786 http://www.ubuntu.com/usn/USN-2879-1 http://xteam.baidu.com/?p=169 https://bugzilla.samba.org/show_bug.cgi?id=10977 https: • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2014-9659
https://notcve.org/view.php?id=CVE-2014-9659
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240. cff/cf2intrp.c en el interprete CFF CharString en FreeType anterior a 2.5.4 proceda con indicios (hints) adicionales después de que la mascara de indicios (hints) haya sido computado, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (desbordamiento de buffere basado en pila) a través de una fuente OpenType manipulada. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-2240. • http://code.google.com/p/google-security-research/issues/detail?id=190 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.ubuntu.com/usn/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •