Page 2 of 9 results (0.012 seconds)

CVSS: 8.1EPSS: 7%CPEs: 34EXPL: 0

CVE-2016-0376 – JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix

https://notcve.org/view.php?id=CVE-2016-0376

The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456. La clase com.ibm.rmi.io.SunSerializableFactory en IBM SDK, Java Technology Edition 6 en versiones anteriores a SR16 FP25 (6.0.16.25), 6 R1 en versiones anteriores a SR8 FP25 (6.1.8.25), 7 en versiones anteriores a SR9 FP40 (7.0.9.40), 7 R1 en versiones anteriores a SR3 FP40 (7.1.3.40) y 8 en versiones anteriores a SR3 (8.0.3.0) no deserializa correctamente las clases en un bloque AccessController doPrivileged, lo que permite a atacantes remotos eludir un mecanismo de protección sandbox y ejecutar código arbitrario como se demuestra mediante el método readValue de la clase com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton, lo que implementa la interfaz javax.rmi.CORBA.ValueHandler. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2013-5456. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2016-05 •

CVSS: 4.3EPSS: 0%CPEs: 108EXPL: 0

CVE-2015-7976

https://notcve.org/view.php?id=CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. El comando savconfig ntpq en NTP 4.1.2, 4.2.x en versiones anteriores a 4.2.8p6, 4.3, 4.3.25, 4.3.70 y 4.3.77 no filtra adecuadamente caracteres especiales, lo que permite a atacantes causar un impacto no especificado a través de un nombre de archivo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-254: 7PK - Security Features •

CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 0

CVE-2012-0414

https://notcve.org/view.php?id=CVE-2012-0414

Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name. Vulnerabilidad de XSS en el servicio Spacewalk de SUSE Manager 1.2 para SUSE Linux Enterprise (SLE) 11 SP1 permite a atacantes remotos inyectar script web o HTML arbitrario a través de un nombre de imagen. • http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html https://bugzilla.novell.com/show_bug.cgi?id=761165 https://support.novell.com/security/cve/CVE-2012-0414.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2008-2812 – kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code

https://notcve.org/view.php?id=CVE-2008-2812

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. El núcleo de Linux anterior a 2.6.25.10, no realiza de forma adecuada las operaciones tty, esto permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente obtener privilegios mediante vectores que contienen referencias a puntero NULO en los punteros a funciones en (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, y (8) wireless/strip.c en drivers/net/. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html http://l • CWE-476: NULL Pointer Dereference •