CVSS: 7.5EPSS: 5%CPEs: 3EXPL: 0CVE-2014-9425 – php: Double-free in zend_ts_hash_graceful_destroy()
https://notcve.org/view.php?id=CVE-2014-9425
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de doble liberación en la función zend_ts_hash_graceful_destroy en zend_ts_hash.c en Zend Engine en PHP hasta 5.5.20 y 5.6.x hasta 5.6.4 permite a atacantes remotos causar una denegación de servicio o la posibilidad de tener otro impacto sin especificar a través de vectores no conocidos. A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. This flaw could possibly cause a PHP application to crash. • http://advisories.mageia.org/MGASA-2015-0040.html http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=24125f0f26f3787c006e4a51611ba33ee3b841cb http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2bcf69d073190e4f032d883f3416dea1b027a39e http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2014/12/29/6 http://rhn.redhat.com/errata/RHSA-2015-1218.html http:&# • CWE-416: Use After Free •
CVSS: 5.0EPSS: 1%CPEs: 12EXPL: 0CVE-2014-3583 – httpd: mod_proxy_fcgi handle_headers() buffer over read
https://notcve.org/view.php?id=CVE-2014-3583
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers. La función handle_headers en mod_proxy_fcgi.c en el módulo mod_proxy_fcgi en Apache HTTP Server 2.4.10 permite a servidores remotoos FastCGI causar una denegación de servicio (sobre lectura de buffer y caída del demonio) a través de cabeceras de respuesta largas. A buffer overflow flaw was found in mod_proxy_fcgi's handle_headers() function. A malicious FastCGI server that httpd is configured to connect to could send a carefully crafted response that would cause an httpd child process handling the request to crash. • http://httpd.apache.org/security/vulnerabilities_24.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://rhn.redhat.com/errata/RHSA-2015-1855.html http://svn.apache.org/viewvc?view=revision&revision=1638818 http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/71657 http://www.ubuntu.com/usn/USN-2523-1 https://access.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.8EPSS: 0%CPEs: 88EXPL: 2CVE-2014-9365 – python: failure to validate certificates in the HTTP client with TLS (PEP 476)
https://notcve.org/view.php?id=CVE-2014-9365
The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Los clientes HTTP en las librarias (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib en CPython (también conocido como Python) 2.x anterior a 2.7.9 y 3.x anterior a 3.4.3, cuando accede a una URL HTTPS, not (a) comprueba el certificado contra un almacen trust o verifica que elnombre del servidor coincide con un nombre de dominio en el campo del tema (b) Common Name o (c) subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario. The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. • http://bugs.python.org/issue22417 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.openwall.com/lists/oss-security/2014/12/11/1 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/71639 https://access.redhat.com/errata/RHSA-2016:1166 https://access.redhat.com/errata/RHSA-2017:1162 https://access.redhat.com/errata&#x • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0CVE-2014-1595
https://notcve.org/view.php?id=CVE-2014-1595
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information. Mozilla Firefox anterior a 34.0, Firefox ESR 31.x anterior a 31.3, y Thunderbird anterior a 31.3 en Apple OS X 10.10 omiten una acción del registro de la deshabilitación de CoreGraphics que es necesario para las aplicaciones basadas en jemalloc, lo que permite a usuarios locales obtener información sensible mediante la lectura de ficheros /tmp, tal y como fue demostrado por la información de credenciales. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.mozilla.org/security/announce/2014/mfsa2014-90.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.reddit.com/r/netsec/comments/2ocxac/apple_coregraphics_framework_on_os_x_1010_is https://bugzilla.mozilla.org/show_bug.cgi?id=1092855 • CWE-199: Information Management Errors •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8611
https://notcve.org/view.php?id=CVE-2014-8611
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. Vulnerabilidad en la función __sflush en fflush.c en stdio en libc en FreeBSD 10.1 y el kernel en Apple iOS en versiones anteriores a la 9, no maneja correctamente fallos de la llamada del sistema de escritura, lo que permite a atacantes dependientes del contexto ejecutar código o causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html https://support.apple.com/HT205212 https://support.apple.com/HT205267 https://svnweb.freebsd.org/base?view=revision&revision=275665 https://www.freebsd.org/security/advisories/FreeBSD-SA-14:27.stdio.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •