CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-3062
https://notcve.org/view.php?id=CVE-2016-3062
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. La función mov_read_dref en libavformat/mov.c en Libav en versiones anteriores a 11.7 y FFmpeg en versiones anteriores a 0.11 permite a atacantes remotos provocar una denegación de srevicio (corrupción de memoria) o ejecutar código arbitrario a través de valores de entrada en una caja dref en un archivo MP4. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html http://www.debian.org/security/2016/dsa-3603 https://bugzilla.libav.org/show_bug.cgi?id=929 https://ffmpeg.org/security.html https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328 https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746 https://libav.org/releases/libav-11.7.changelog https://security.gentoo.org/glsa/201705-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2016-2143 – kernel: Fork of large process causes memory corruption
https://notcve.org/view.php?id=CVE-2016-2143
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. La implementación fork en el kernel de Linux en versiones anteriores a 4.5 en la plataforma s390 no maneja correctamente el caso de los cuatro niveles de la tabla de página, lo que permite a usuarios locales causar una denegación de servicio (caída de sistema) o posiblemente tener otro impacto no especificado a través de una aplicación manipulada, relacionado con arch/s390/include/asm/mmu_context.h y arch/s390/include/asm/pgalloc.h. It was reported that on s390x, the fork of a process with four page table levels will cause memory corruption with a variety of symptoms. All processes are created with three level page table and a limit of 4TB for the address space. If the parent process has four page table levels with a limit of 8PB, the function that duplicates the address space will try to copy memory areas outside of the address space limit for the child process. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://lists.opensuse.org • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8476
https://notcve.org/view.php?id=CVE-2015-8476
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796. Múltiples vulnerabilidades de inyección CRLF en PHPMailer en versiones anteriores a 5.2.14 permite a atacantes inyectar comandos SMTP arbitrarios a través de secuencias CRLF en (1) una dirección de correo electrónico de la función validateAddress en class.phpmailer.php o (2) un comando SMTP de la función sendCommand en class.smtp.php, una vulnerabilidad diferente a CVE-2012-0796. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177130.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177139.html http://www.debian.org/security/2015/dsa-3416 http://www.openwall.com/lists/oss-security/2015/12/04/5 http://www.openwall.com/lists/oss-security/2015/12/05/1 http://www.securityfocus.com/bid/78619 https://github.com/PHPMailer/PHPMailer/commit/6687a96a18b8f12148881e4ddde795ae477284b0 https://github.com/PHPMailer/PHPMailer/releases/tag& • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 3CVE-2013-4357
https://notcve.org/view.php?id=CVE-2013-4357
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. El paquete eglibc versiones anteriores a la versión 2.14, manejó incorrectamente la función getaddrinfo(). Un atacante podría usar este problema para causar una denegación de servicio. • http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html http://www.openwall.com/lists/oss-security/2013/09/17/4 http://www.openwall.com/lists/oss-security/2013/09/17/8 http://www.openwall.com/lists/oss-security/2015/01/28/18 http://www.openwall.com/lists/oss-security/2015/01/29/21 http://www.openwall.com/lists/oss-security/2015/02/24/3 http://www.securityfocus.com/bid/67992 http://www.ubuntu.com/usn/USN-2306-1 http://www.u • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 1%CPEs: 23EXPL: 0CVE-2014-1557 – Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)
https://notcve.org/view.php?id=CVE-2014-1557
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. La función ConvolveHorizontally en Skia, utilizado en Mozilla Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, no maneja debidamente el descarte de datos de imágenes durante la ejecución de la función, lo que permite a atacantes remotos ejecutar código arbitrario mediante la provocación del escalado prolongado de imágenes, tal y como fue demostrado mediante el escalado de un imagen de alta calidad. • http://linux.oracle.com/errata/ELSA-2014-0918.html http://secunia.com/advisories/59591 http://secunia.com/advisories/59719 http://secunia.com/advisories/59760 http://secunia.com/advisories/60083 http://secunia.com/advisories/60306 http://secunia.com/advisories/60486 http://secunia.com/advisories/60621 http://secunia.com/advisories/60628 http://www.debian.org/security/2014/dsa-2986 http://www.debian.org/security/2014/dsa-2996 http://www.mozilla.org/security/announce/ • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-672: Operation on a Resource after Expiration or Release •