CVSS: 3.5EPSS: 0%CPEs: 30EXPL: 0CVE-2014-5353 – krb5: NULL pointer dereference when using a ticket policy name as a password policy name
https://notcve.org/view.php?id=CVE-2014-5353
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. La función krb5_ldap_get_password_policy_from_dn en plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c en MIT Kerberos 5 (también conocido como krb5) anterior a 1.13.1, cuando el KDC utiliza LDAP, permite a usuarios remotos autenticados causar una denegación de servicio (caída del demonio) a través de una consulta LDAP con éxito pero sin resultados, tal y como fue demostrado mediante el uso de un tipo de objeto incorrecto para una política de contraseñas. If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker who has the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. • http://advisories.mageia.org/MGASA-2014-0536.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155828.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html http://rhn.redhat.com/errata/RHSA-2015-0439.html http://rhn.redhat.com/errata/RHSA-2015-0794.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:009 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/71679 http://www.sec • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2014-7844 – mailx: command execution flaw
https://notcve.org/view.php?id=CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. BSD mailx versión 8.1.2 y anteriores, permiten a atacantes remotos ejecutar comandos arbitrarios por medio de una dirección de correo electrónico diseñada. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters (CVE-2004-2771) and the direct command execution functionality (CVE-2014-7844). • http://linux.oracle.com/errata/ELSA-2014-1999.html http://rhn.redhat.com/errata/RHSA-2014-1999.html http://seclists.org/oss-sec/2014/q4/1066 http://www.debian.org/security/2014/dsa-3104 http://www.debian.org/security/2014/dsa-3105 https://access.redhat.com/security/cve/CVE-2014-7844 https://bugzilla.redhat.com/show_bug.cgi?id=1162783 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.4EPSS: 1%CPEs: 7EXPL: 0CVE-2014-8567 – mod_auth_mellon: logout processing leads to denial of service
https://notcve.org/view.php?id=CVE-2014-8567
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data. El módulo mod_auth_mellon anterior a 0.8.1 permite a atacantes remotos causar una denegación de servicio (caída del servidor Apache HTTP) a través de una petición de apagado del servicio Apache manipulada. It was found that uninitialized data could be accessed when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash. • http://linux.oracle.com/errata/ELSA-2014-1803.html http://rhn.redhat.com/errata/RHSA-2014-1803.html http://secunia.com/advisories/62094 http://secunia.com/advisories/62125 https://github.com/UNINETT/mod_auth_mellon/commit/0f5b4fd860fa7e3a6c47201637aab05395f32647 https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html https://access.redhat.com/security/cve/CVE-2014-8567 https://bugzilla.redhat.com/show_bug.cgi?id=1157954 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2014-3188 – v8: IPC and v8 issue fixed in Google Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3188
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h. Google Chrome anterior a 38.0.2125.101 y Chrome OS anterior a 38.0.2125.101 no manejan debidamente la interacción de IPC y Google V8, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores que involucran datos JSON, realcionado con el análisis sintáctico indebido de un indice escapado por ParseJsonObject en json-parser.h. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update-for-chrome-os.html http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html https://code.google.com/p/v8/source/detail?r=24125 https://crbug.com/416449 https://access.redhat.com/security/cve/CVE-2014-3188 https://bugzilla.redhat.com/show_bug.cgi?id=1150848 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3198 – chromium: OOB reads in PDFium fixed in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3198
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. La función Instance::HandleInputEvent en pdf/instance.cc en el componente PDFium en Google Chrome anterior a 38.0.2125.101 interpreta cierto valor -1 como un indice en lugar de un código de error de página no visible, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2014-1626.html http://www.securityfocus.com/bid/70273 https://codereview.chromium.org/560133004 https://crbug.com/415307 https://access.redhat.com/security/cve/CVE-2014-3198 https://bugzilla.redhat.com/show_bug.cgi?id=1151368 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •