Page 20 of 168 results (0.016 seconds)

CVSS: 6.5EPSS: 2%CPEs: 24EXPL: 0

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una imagen que contiene un troceado mal formado del Physical Scale (también conocido como sCAL) • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html http&# • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 9.8EPSS: 70%CPEs: 31EXPL: 4

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. • https://www.exploit-db.com/exploits/14422 https://github.com/mk219533/CVE-2010-1205 http://blackberry.com/btsc/KB27244 http://code.google.com/p/chromium/issues/detail?id=45983 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-anno • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.8EPSS: 2%CPEs: 6EXPL: 0

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. Desbordamiento de búfer basado en pila en la función TIFFFetchSubjectDistance en tif_dirread.c en LibTIFF anterior v3.9.4 permite a atacantes remotos causar una denegación de servicio (caída aplicación)o probablemente ejecutar código de su elección a través de un campo SubjectDistance largo en un fichero TIFF. • http://bugzilla.maptools.org/show_bug.cgi?id=2212 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://marc.info/?l=oss-security&m=127731610612908&w=2 http://osvdb.org/65676 http://secunia.com/advisories/40241 http://secunia.com/advisories/40381 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://slackware.com/security/viewer.php?l= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 97%CPEs: 5EXPL: 1

Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. Desbordamiento de búfer en la implementación del paquete SMB1 en la función chain_reply en process.c en smbd en Samba v3.0.x anterior v3.3.13 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria o caída de demonio) o probablemente ejecutar código de su elección a través de un campo manipulado en un paquete. • https://www.exploit-db.com/exploits/16860 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=873 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://marc.info/?l=bugtraq&m=129138831608422&w=2 http://marc.info/?l=bugtraq&m=130835366526620&w=2 http://marc.info/?l=samba-announce&m=127668712312761&w=2 http://osvdb.org/65518 http://secunia.com/advisories/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 6%CPEs: 15EXPL: 0

OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed. OpenOffice.org v2.x y v3.0 anterior v3.2.1 permite a atacantes remotos asistidos por usuarios supera las restricciones macro de seguridad de Python y ejecutar código Python de su elección a través de un fichero de texto OpenDocument manipulado lo cual ocasiona la ejecución de código cuando la estructura directorio macro es previsualizada. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042468.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042529.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042534.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://secunia.com/advisories/40070 http://secunia.com/advisories/40084 http://secunia.com/advisories/40104 http://secunia.com/advisories/40107 http://secunia.com/advisories/41818 http:/ •