CVE-2009-1186
https://notcve.org/view.php?id=CVE-2009-1186
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. Desbordamiento de búfer en la función util_path_encode en udev/lib/libudev-util.c en udev antes de v1.4.1 permite a usuarios locales provocar una denegación de servicio (parada del servicio) mediante vectores que disparan una llamada con argumentos manipulados. • http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html http://secunia.com/advisories/34731 http://secunia.com/advisories/34750 http://secunia.com/advisories/34753 http://secunia.com/advisories/34771 http://secunia.com/advisories/34776 http://secunia.com/advisories/34785 http://secunia.com/advisories/34787 http://secunia.com/advisories/34801 http://slackware.com/sec • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2009-1185 – Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1185
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. udev antes de v1.4.1 no verifica si un mensaje NETLINK es generado desde el espacio del kernel, lo que permite a usuarios locales obtener privilegios mediante el envio de un mensaje NETLIINK desde el espacio de usuario. Versions of udev < 1.4.1 do not verify that netlink messages are coming from the kernel. This allows local users to gain privileges by sending netlink messages from userland. • https://www.exploit-db.com/exploits/8478 https://www.exploit-db.com/exploits/8572 https://www.exploit-db.com/exploits/21848 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-secu • CWE-346: Origin Validation Error CWE-862: Missing Authorization •
CVE-2008-5021 – Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2008-5021
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. nsFrameManager en Firefox v3.x antes de la v3.0.4, Firefox v2.x antes de la v2.0.0.18, Thunderbird 2.x antes de la v2.0.0.18, y SeaMonkey v1.x antes de la v1.1.13 permite a atacantes remotos producir una denegación de servicio (caída) y una posible ejecución de código a su elección modificación de las propiedades de un elemento de entrada de fichero mientras se inicia, cuando se esta utilizando el método blur para acceder a no ha sido inicializada. This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form object is called before the object itself has actually completed it's initialization. This will lead to a call of uninitialized data which can result in code execution under the context of the current user. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32713 http://secunia.com/advisories/32714 http://secunia.com/advisories/32715 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/32798 http://secunia.com/advisories/32845 http:// • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •