CVE-2017-7995
https://notcve.org/view.php?id=CVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL. Xen PV guest anterior a Xen 4.3 chequea los permisos de acceso a los rangos MMIO sólo después de acceder a ellos, lo que permite leer en un dispositivo de memoria PCI, dando lugar a la divulgación de información. Se trata de un error en la función get_user. • http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html http://www.securityfocus.com/bid/98314 https://bugzilla.suse.com/show_bug.cgi?id=1033948 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-9847
https://notcve.org/view.php?id=CVE-2014-9847
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. El decodificador jng en ImageMagick 6.8.9.9 permite a atacantes remotos tener un impacto no especificado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-9851
https://notcve.org/view.php?id=CVE-2014-9851
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación). • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://www.ubuntu.com/usn/USN-3131-1 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9 • CWE-20: Improper Input Validation •
CVE-2014-9846
https://notcve.org/view.php?id=CVE-2014-9846
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. Desbordamiento de búfer en la función ReadRLEImage en coders/rle.c en ImageMagick 6.8.9.9 permite a atacantes remotos tener impacto no especificado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-9842
https://notcve.org/view.php?id=CVE-2014-9842
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Fuga de memoria en la función ReadPSDLayers en coders/psd.c en ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd12786 • CWE-400: Uncontrolled Resource Consumption •