CVE-2014-9853
https://notcve.org/view.php?id=CVE-2014-9853
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. Fuga de memoria en los coders/rle.c de ImageMagick permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un archivo rle manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-399: Resource Management Errors •
CVE-2016-5244
https://notcve.org/view.php?id=CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. La función rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versión 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener información sensible de la memoria de pila del kernel leyendo un mensaje RDS. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html http://lists.opensuse.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-4143 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4143
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083. • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html http://www.securitytracker.com/id/1036117 https://access.redhat.com/errata/RHSA-2016:1238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 https://helpx.adobe.com/security/products/flash-player/apsb16-18.html https://access.redhat.com/security •
CVE-2016-4137 – Adobe Flash - LMZA Property Decoding Heap Corruption
https://notcve.org/view.php?id=CVE-2016-4137
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083. • https://www.exploit-db.com/exploits/40089 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html http://www.securitytracker.com/id/1036117 https://access.redhat.com/errata/RHSA-2016:1238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 https://helpx.adobe.com/security/products/flash-player/apsb16 •
CVE-2016-4129 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4129
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083. • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html http://www.securitytracker.com/id/1036117 https://access.redhat.com/errata/RHSA-2016:1238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 https://helpx.adobe.com/security/products/flash-player/apsb16-18.html https://access.redhat.com/security • CWE-787: Out-of-bounds Write •