Page 22 of 364 results (0.006 seconds)

CVSS: 5.8EPSS: 3%CPEs: 11EXPL: 1

CVE-2014-9672

https://notcve.org/view.php?id=CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file. Error en el indice del array en la función parse_fond en base/ftmac.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o obtener información sensible desde el proceso de la memoria a través de un recurso FOND manipulado en un fichero de fuentes Mac. • http://advisories.mageia.org/MGASA-2015-0083.html http://code.google.com/p/google-security-research/issues/detail?id=155 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html http://www.debian.org/security/2015/dsa-3188 http://www.mandriva.com/security/advisories • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 2%CPEs: 23EXPL: 1

CVE-2014-9674 – freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows

https://notcve.org/view.php?id=CVE-2014-9674

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. La función Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 proceda con la suma de los valores de longitud sin validar los valores originales, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de enteros y desbordamiento de buffer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una fuente Mac manipulada. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way FreeType handled Mac fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. • http://advisories.mageia.org/MGASA-2015-0083.html http://code.google.com/p/google-security-research/issues/detail?id=153 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html http://lists.opensuse& • CWE-122: Heap-based Buffer Overflow •

CVSS: 5.8EPSS: 2%CPEs: 5EXPL: 2

CVE-2015-1038

https://notcve.org/view.php?id=CVE-2015-1038

p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. p7zip 9.20.1 permite a atacantes remotos escribir a ficheros arbitrarios a través de un ataque de enlace simbólico en un archivo. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173245.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174245.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00000.html http://www.debian.org/security/2015/dsa-3289 http://www.openwall.com/lists/oss-security/2015/01/11/2 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.securityfocus.com/bid/71890 https://bugs.debian.org/cgi-bin/bugreport.cg • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 3.5EPSS: 0%CPEs: 30EXPL: 0

CVE-2014-5353 – krb5: NULL pointer dereference when using a ticket policy name as a password policy name

https://notcve.org/view.php?id=CVE-2014-5353

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. La función krb5_ldap_get_password_policy_from_dn en plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c en MIT Kerberos 5 (también conocido como krb5) anterior a 1.13.1, cuando el KDC utiliza LDAP, permite a usuarios remotos autenticados causar una denegación de servicio (caída del demonio) a través de una consulta LDAP con éxito pero sin resultados, tal y como fue demostrado mediante el uso de un tipo de objeto incorrecto para una política de contraseñas. If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker who has the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. • http://advisories.mageia.org/MGASA-2014-0536.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155828.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html http://rhn.redhat.com/errata/RHSA-2015-0439.html http://rhn.redhat.com/errata/RHSA-2015-0794.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:009 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/71679 http://www.sec • CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 0%CPEs: 160EXPL: 0

CVE-2014-8094 – xorg-x11-server: integer overflow in DRI2 extension function ProcDRI2GetBuffers()

https://notcve.org/view.php?id=CVE-2014-8094

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write. Desbordamiento de enteros en la función ProcDRI2GetBuffers en la extensión DRI2 en X.Org Server (también conocido como xserver y xorg-server) 1.7.0 hasta 1.16.x anterior a 1.16.3 permite a usuarios remotos autenticados causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una solicitud manipulada, lo que provoca una lectura o escritura fuera de rango. An integer overflow flaw was found in the way the X.Org server calculated memory requirements for certain DRI2 extension requests. A malicious, authenticated client could use this flaw to crash the X.Org server. • http://advisories.mageia.org/MGASA-2014-0532.html http://secunia.com/advisories/61947 http://secunia.com/advisories/62292 http://www.debian.org/security/2014/dsa-3095 http://www.mandriva.com/security/advisories?name=MDVSA-2015:119 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.securityfocus.com/bid/71601 http://www.x.org/wiki/Development/Security/Advisory-2014-12-09 https://security.gentoo.org/glsa/201504-06 https://access.redhat.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •