Page 2 of 7 results (0.009 seconds)

CVSS: 5.0EPSS: 15%CPEs: 14EXPL: 0

CVE-2014-0098 – httpd: mod_log_config does not properly handle logging certain cookies resulting in DoS

https://notcve.org/view.php?id=CVE-2014-0098

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation. La función log_cookie en mod_log_config.c en el módulo mod_log_config en el Apache HTTP Server anterior a 2.4.8 permite a atacantes remotos causar una denegación de servicio (fallo de segmentación y caída de demonio) a través de una cookie manipulada que no es manejada debidamente durante truncado. • http://advisories.mageia.org/MGASA-2014-0135.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://marc.info/?l=bugtraq&m=141017844705317&w=2 http://marc.info/?l=bugtraq&m=141390017113542&w=2 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/58230 http://secunia.com/advisories/58915 http: • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0

CVE-2013-2064 – libxcb: Integer overflow leading to heap-based buffer overflow

https://notcve.org/view.php?id=CVE-2013-2064

Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function. Desbordamiento de entero en X.org libxcb v1.9 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con la función read_packet. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html http://www.debian.org/security/2013/dsa-2686 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/60148 http://www.ubuntu.com/usn/USN-1855-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access. • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •