CVE-2015-4379
https://notcve.org/view.php?id=CVE-2015-4379
Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of certain users for requests that delete files via unspecified vectors. Vulnerabilidad de CSRF en el módulo Webform Multiple File Upload 6.x-1.x anterior a 6.x-1.3 y 7.x-1.x anterior a 7.x-1.3 para Drupal permite a atacantes remotos secuestrar la autenticación de ciertos usuarios para solicitudes que eliminan ficheros a través de vectores no especificados. • http://www.openwall.com/lists/oss-security/2015/04/25/6 http://www.securityfocus.com/bid/74343 https://www.drupal.org/node/2459031 https://www.drupal.org/node/2459035 https://www.drupal.org/node/2459323 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2014-9653 – file: malformed elf file causes access to uninitialized memory
https://notcve.org/view.php?id=CVE-2014-9653
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. readelf.c en file anterior a 5.22, utilizado en el componente Fileinfo en PHP anterior a 5.4.37, 5.5.x anterior a 5.5.21, y 5.6.x anterior a 5.6.5, no considera que las llamadas a pread a veces leen solamente un subjuego de los datos disponibles, lo que permite a atacantes remotos causar una denegación de servicio (acceso a memoria no inicializada) o posiblemente tener otro impacto a través de un fichero ELF manipulado. A flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or disclose certain portions of server memory. • http://bugs.gw.com/view.php?id=409 http://marc.info/?l=bugtraq&m=143748090628601&w=2 http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://mx.gw.com/pipermail/file/2014/001649.html http://openwall.com/lists/oss-security/2015/02/05/13 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-0760.html http://www.debian.org/security/2015/dsa-3196 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVE-2014-9652 – file: out of bounds read in mconvert()
https://notcve.org/view.php?id=CVE-2014-9652
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. La función mconvert en softmagic.c en file anterior a 5.21, utilizado en el componente Fileinfo en PHP anterior a 5.4.37, 5.5.x anterior a 5.5.21, y 5.6.x anterior a 5.6.5, no maneja correctamente cierto campo de longitud de cadenas durante una copia de una versión trucada de una cadena Pascal, lo que podría permitir a atacantes remotos causar una denegación de servicio (acceso a memoria fuera de rango y caída de aplicación) a través de un fichero manipulado. An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility (for example, PHP using the fileinfo module) to crash if it was used to identify the type of the attacker-supplied file. • http://bugs.gw.com/view.php?id=398 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html http://marc.info/?l=bugtraq&m=143748090628601&w=2 http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://openwall.com/lists/oss-security/2015/02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2014-9620 – file: limit the number of ELF notes processed
https://notcve.org/view.php?id=CVE-2014-9620
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. El analizador ELF en file 5.08 hasta 5.21 permite a atacantes remotos causar una denegación de servicio a través de un número grande de notas. A flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. • http://advisories.mageia.org/MGASA-2015-0040.html http://mx.gw.com/pipermail/file/2014/001653.html http://mx.gw.com/pipermail/file/2015/001660.html http://rhn.redhat.com/errata/RHSA-2016-0760.html http://www.debian.org/security/2015/dsa-3121 http://www.openwall.com/lists/oss-security/2015/01/17/9 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securityfocus.com/bid/71715 https://github.com/file/file/commit/ce90e05774dd77d86cf • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2014-9621
https://notcve.org/view.php?id=CVE-2014-9621
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. El analizador ELF en file 5.16 hasta 5.21 permite a atacantes remotos causar una denegación de servicio a través de una cadena larga. • http://advisories.mageia.org/MGASA-2015-0040.html http://mx.gw.com/pipermail/file/2014/001654.html http://mx.gw.com/pipermail/file/2015/001660.html http://www.openwall.com/lists/oss-security/2015/01/17/9 https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c https://security.gentoo.org/glsa/201503-08 https://usn.ubuntu.com/3686-1 • CWE-399: Resource Management Errors •