CVE-2015-3081 – Flash Broker-Based - Sandbox Escape via Timing Attack Against File Moving
https://notcve.org/view.php?id=CVE-2015-3081
FlashBroker is vulnerable to NTFS junction attack to write an arbitrary file to the filesystem under user permissions. • https://www.exploit-db.com/exploits/37842 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://www.securityfocus.com/bid/74613 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo.org/glsa/201505-02 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2015-3082 – Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash
https://notcve.org/view.php?id=CVE-2015-3082
FlashBroker is vulnerable to an NTFS junction attack to write an arbitrary file to the filesystem under user permissions. • https://www.exploit-db.com/exploits/37840 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74610 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2006-6060
https://notcve.org/view.php?id=CVE-2006-6060
The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function. El código del sistema de ficheros NTFS en el núcleo de Linux 2.6.x hasta 2.6.18, y posiblemente otras versiones, permite a usuarios locales provocar una denegación de servicio (consumo de la CPU) mediante un flujo (stream) fichero NTFS mal formado que dispara un bucle infinito en la función __find_get_block_slow. • http://projects.info-pull.com/mokb/MOKB-19-11-2006.html http://secunia.com/advisories/23474 http://secunia.com/advisories/25691 http://secunia.com/advisories/25714 http://www.debian.org/security/2007/dsa-1304 http://www.novell.com/linux/security/advisories/2006_79_kernel.html http://www.securityfocus.com/archive/1/471457 https://exchange.xforce.ibmcloud.com/vulnerabilities/30418 •