Page 24 of 125 results (0.021 seconds)

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2018-16540 – ghostscript: use-after-free in copydevice handling (699661)

https://notcve.org/view.php?id=CVE-2018-16540

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. En Artifex Ghostscript en versiones anteriores a la 9.24, los atacantes que puedan proporcionar archivos PostScript manipulados al convertidor PDF14 integrado podrían emplear un uso de memoria previamente liberada en el manejo de copydevice para provocar el cierre inesperado del intérprete u otro tipo de impacto sin especificar. It was discovered that the ghostscript PDF14 compositor did not properly handle the copying of a device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=c432131c3fdb2143e148e8ba88555f7f7a63b25e https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0229 https://bugs.ghostscript.com/show_bug.cgi?id=699661 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resolved https://www.debian.org/security/2018/dsa-4 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0

CVE-2018-12115 – nodejs: Out of bounds (OOB) write via UCS-2 encoding

https://notcve.org/view.php?id=CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. En todas las versiones de Node.js anteriores a la 6.14.4, 8.11.4 y 10.9.0, cuando se utiliza con codificación UCS-2 (reconocida por Node.js bajo los nombres "ucs2", "ucs-2", "utf16le" y "utf-16le"), se puede explotar "Buffer#write()" para escribir fuera de los límites de un búfer. Las escrituras que empiezan desde la segunda hasta la última posición de un búfer provocan un error de cálculo de la longitud máxima de los bytes de entrada que se van a escribir. • http://www.securityfocus.com/bid/105127 https://access.redhat.com/errata/RHSA-2018:2552 https://access.redhat.com/errata/RHSA-2018:2553 https://access.redhat.com/errata/RHSA-2018:2944 https://access.redhat.com/errata/RHSA-2018:2949 https://access.redhat.com/errata/RHSA-2018:3537 https://nodejs.org/en/blog/vulnerability/august-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12115 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2018-13988 – poppler: out of bounds read in pdfunite

https://notcve.org/view.php?id=CVE-2018-13988

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. Poppler hasta la versión 0.62 contiene una vulnerabilidad de lectura fuera de límites debido a un acceso incorrecto a la memoria que no se mapea en su espacio de memoria, tal y como queda demostrado con pdfunite. Esto puede resultar en la corrupción de memoria y una denegación de servicio (DoS). • http://packetstormsecurity.com/files/148661/PDFunite-0.62.0-Buffer-Overflow.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3140 https://access.redhat.com/errata/RHSA-2018:3505 https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-13988 https://bugzilla.redhat.com/show_bug.cgi?id=1602838 https://cgit.freedesktop.org/poppler/poppler/commit/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee https://lists.debian.org/debian-lts-announce/2018/10/msg00024.ht • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2018-12910 – libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames

https://notcve.org/view.php?id=CVE-2018-12910

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. La función get_cookies en soup-cookie-jar.c en libsoup 2.63.2 permite que los atacantes provoquen un impacto no especificado mediante un nombre de host vacío. An out-of-bounds read has been discovered in libsoup when getting cookies from a URI with empty hostname. An attacker may use this flaw to cause a crash in the application. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00003.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3140 https://access.redhat.com/errata/RHSA-2018:3505 https://gitlab.gnome.org/GNOME/gnome-sdk-images/commit/4215b8a21b3b3055e947312a8920df94f93ba047 https://gitlab.gnome.org/GNOME/libsoup/commit/db2b0d5809d5f8226d47312b40992cadbcde439f https://gitlab.gnome.org/GNOME/libsoup/issues/3 https://lists.debian.org/debian-lts-announce/2018/07/msg00007. • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 1%CPEs: 5EXPL: 1

CVE-2018-13033 – binutils: Uncontrolled Resource Consumption in execution of nm

https://notcve.org/view.php?id=CVE-2018-13033

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. La biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30 y anteriores permite que atacantes remotos provoquen una denegación de servicio (asignación excesiva de memoria y cierre inesperado de la aplicación) mediante un archivo ELF manipulado. Esto queda demostrado por _bfd_elf_parse_attributes en elf-attrs.c y bfd_malloc en libbfd.c. Esto puede ocurrir durante la ejecución de nm. • http://www.securityfocus.com/bid/104584 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3032 https://security.gentoo.org/glsa/201908-01 https://sourceware.org/bugzilla/show_bug.cgi?id=23361 https://usn.ubuntu.com/4336-1 https://access.redhat.com/security/cve/CVE-2018-13033 https://bugzilla.redhat.com/show_bug.cgi?id=1597436 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •