Page 3 of 72 results (0.011 seconds)

CVSS: 8.1EPSS: 0%CPEs: 18EXPL: 6

06 Dec 2010 — The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. La función rds_page_copy_user de net/rds/page.c en la implementación del protocolo "Reliable Datagram Sockets" (RDS) del kernel de Linux en versiones anteriores a la 2.6.36 no valida apropiadamente las... • https://packetstorm.news/files/id/155751 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

30 Nov 2010 — The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. La función viafb_ioctl_get_viafb_info en drivers/video/via/ioctl.c en el kernel de Linux anterior a v2.6.36-rc5 no inicializa correctamente un valor de una determinada estructura, lo que permite a usuarios locales obtener... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4aaa78f4c2f9cde2f335b14f4ca30b01f9651ca • CWE-909: Missing Initialization of Resource •

CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0

30 Nov 2010 — The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdspm_hwdep_ioctl en sound/pci/rme9652/hdspm.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-909: Missing Initialization of Resource •

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

30 Nov 2010 — The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdsp_hwdep_ioctl en sound/pci/rme9652/hdsp.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila de l... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

29 Nov 2010 — The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función sisfb_ioctl de drivers/video/sis/sis_main.c del kernel de Linux en versiones anteriores a la 2.6.36-rc6 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener info... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd02db9de73faebc51240619c7c7f99bee9f65c7 • CWE-909: Missing Initialization of Resource •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 3

26 Nov 2010 — drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. drivers/media/video/v4l2-compat-ioctl32.c en la implementación de Video4Linux (V4L) en kernel de... • https://www.exploit-db.com/exploits/15344 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 4

20 Nov 2010 — The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer. La función do_tcp_setsockopt de net/ipv4/tcp.c en el kernel de Linux anterior a 2.6.37-rc2 no restringe adecuadamente los valores TCP_MAXSEG (también conocidos como MSS), esto permite ... • https://www.exploit-db.com/exploits/16263 • CWE-369: Divide By Zero •

CVSS: 9.8EPSS: 1%CPEs: 25EXPL: 1

16 Nov 2010 — libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. libxml2 anterior v2.7.8, como el usado en Google Chrome anterior v7.0.517.44, Apple Safari v5.0.2 y anteriores, otros productos, ree desde localizaciones de memoria inválidas durante el proc... • http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 1%CPEs: 29EXPL: 0

05 Nov 2010 — The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros producto... • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch • CWE-476: NULL Pointer Dereference •

CVSS: 9.8EPSS: 46%CPEs: 26EXPL: 0

05 Nov 2010 — ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. ipp.c en cupsd en CUPS v1.4.4 y anteriores no asigna correctamente memoria para valores de atributo con tipos de datos de cadena inválidos, permitiendo a atacantes remotos provocar una denegación de servicio (uso después de ... • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox • CWE-416: Use After Free •