CVSS: 7.8EPSS: 0%CPEs: 253EXPL: 0CVE-2016-1238
https://notcve.org/view.php?id=CVE-2016-1238
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory. (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL y (25) utils/splain.PL en Perl 5.x en versiones anteriores a 5.22.3-RC2 y 5.24 en versiones anteriores a 5.24.1 1-RC2 no elimina adecuadamente caracteres . (period) del final de la matriz de directorio incluida, lo que podría permitir a usuarios locales obtener privilegios a través de un módulo Troyano bajo el directorio de trabajo actual. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab http://www.debian.org/security/2016/dsa-3628 http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html http://www.securityfocus.com/bid/92136 http://www.securitytracker.com/id/1036440 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 https://lists.apache.org/thread.html/7f6a16bc0fd0fd5 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 1.9EPSS: 0%CPEs: 4EXPL: 0CVE-2012-1568 – kernel: execshield: predictable ascii armour base address
https://notcve.org/view.php?id=CVE-2012-1568
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. La característica en algunos parches para el kernel de Red Hat en las versiones Enterprise Linux (RHEL) 5 y 6 y fedora 15 y 16, no maneja adecuadamente el uso de varias librerías compartidas por los archivos ejecutables de 32 bit, lo que facilita a atacantes dependientes del contexto, evitar los mecanismos de protección aprovechando una base de direcciones predecibles para una de estas librerías. • http://openwall.com/lists/oss-security/2012/03/21/3 http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html http://www.openwall.com/lists/oss-security/2012/03/20/4 https://bugzilla.redhat.com/show_bug.cgi?id=804947 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=302a4fc15aebf202b6dffd6c804377c6058ee6e4 https://access.redhat.com/security/cve/CVE-2012-1568 •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2012-0049
https://notcve.org/view.php?id=CVE-2012-0049
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. OpenTTD versiones anteriores a 1.1.5, contiene una Denegación de Servicio (ataque de lectura lenta) que impide que los usuarios se unan al servidor. • http://security.openttd.org/en/CVE-2012-0049 http://www.debian.org/security/2012/dsa-2524 http://www.openwall.com/lists/oss-security/2012/01/13/9 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0049 https://security-tracker.debian.org/tracker/CVE-2012-0049 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.9EPSS: 0%CPEs: 23EXPL: 2CVE-2012-2095 – WICD 1.7.1 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message. La función SetWiredProperty en la interfaz D-Bus en WICD anterior a 1.7.2 permite a usuarios locales escribir ajustes de configuración arbitrarios y ganar privilegios a través de un nombre de propiedad manipulado en un mensaje dbus. • https://www.exploit-db.com/exploits/18733 http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079025.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079029.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079055.html http://secunia.com/advisories/48759 http://secunia.com/advisories/49657 http://www&# • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 14EXPL: 0CVE-2012-1149 – libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations
https://notcve.org/view.php?id=CVE-2012-1149
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow. Un desbordamiento de entero en el módulo de vclmi.dll en OpenOffice.org (OOo) v3.3, v3.4 Beta, y posiblemente en versiones anteriores, y LibreOffice antes de v3.5.3, permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a través de un objeto de imagen especificamente modificado para este fin incrustado en el documento, tal y como lo demuestra una imagen JPEG en un archivo .DOC, que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html http://rhn.redhat.com/errata/RHSA-2012-0705.html http://secunia.com/advisories/46992 http://secunia.com/advisories/47244 http://secunia.com/advisories/49140 http://secunia.com/advisories/49373 http://secunia.com/advisories/49392 http://secunia.com/advisories/50692 h • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •