CVE-2017-5402 – Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)
https://notcve.org/view.php?id=CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
• http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96664 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1334876 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org/security/2017/dsa-3805 https://www.debian.org/security/2017/dsa-3832 https
• CWE-416: Use After Free
CVE-2017-5398 – Mozilla: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 (MFSA 2017-06)
https://notcve.org/view.php?id=CVE-2017-5398
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
• http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96651 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-2590 – ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands
https://notcve.org/view.php?id=CVE-2017-2590
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs, causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
• http://rhn.redhat.com/errata/RHSA-2017-0388.html http://www.securityfocus.com/bid/96557 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590 https://access.redhat.com/security/cve/CVE-2017-2590 https://bugzilla.redhat.com/show_bug.cgi?id=1413137
• CWE-275: Permission Issues
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2017-2620 – Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo
https://notcve.org/view.php?id=CVE-2017-2620
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside the guest could use this flaw to crash the QEMU process or potentially execute arbitrary code on the host with the privileges of the QEMU process.
• http://rhn.redhat.com/errata/RHSA-2017-0328.html http://rhn.redhat.com/errata/RHSA-2017-0329.html http://rhn.redhat.com/errata/RHSA-2017-0330.html http://rhn.redhat.com/errata/RHSA-2017-0331.html http://rhn.redhat.com/errata/RHSA-2017-0332.html http://rhn.redhat.com/errata/RHSA-2017-0333.html http://rhn.redhat.com/errata/RHSA-2017-0334.html http://rhn.redhat.com/errata/RHSA-2017-0350.html http://rhn.redhat.com/errata/RHSA-2017-0351.html http://rhn
• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write
CVE-2017-3157 – libreoffice: Arbitrary file disclosure in Calc and Writer
https://notcve.org/view.php?id=CVE-2017-3157
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document, and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.
• http://www.securityfocus.com/bid/96402 http://www.securitytracker.com/id/1037893 https://access.redhat.com/errata/RHSA-2017:0914 https://access.redhat.com/errata/RHSA-2017:0979 https://www.debian.org/security/2017/dsa-3792 https://www.openoffice.org/security/cves/CVE-2017-3157.html https://access.redhat.com/security/cve/CVE-2017-3157 https://bugzilla.redhat.com/show_bug.cgi?id=1425844
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor