CVSS: 10.0EPSS: 1%CPEs: 253EXPL: 1CVE-2013-5842 – Oracle Java ObjectOutputStream Sandbox Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5842
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850. Vulnerabilidad no especificada en Oracle Java SE 7u40 y versiones anteriores, Java SE 6u60 y versiones anteriores, Java SE 5.0u51 y versiones anteriores y Java SE Embedded 7u40 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Libraries, una vulnerabilidad diferente a CVE-2013-5850. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of ObjectOutputStream. With the usage of this class, it is possible to disable the security manager and run code as privileged. • https://github.com/guhe120/CVE-2013-5842 http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://osvdb.org/98532 http://rhn.redhat.com/erra •
CVSS: 5.0EPSS: 4%CPEs: 29EXPL: 0CVE-2013-4402 – GnuPG: infinite recursion in the compressed packet parser DoS
https://notcve.org/view.php?id=CVE-2013-4402
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. El analizador de paquetes comprimido en GnuPG versiones 1.4.x anteriores a 1.4.15 y versiones 2.0.x anteriores a 2.0.22, permite a los atacantes remotos causar una denegación de servicio (recursión infinita) por medio de un mensaje OpenPGP diseñado. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433 http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html http://rhn.redhat.com/errata/RHSA-2013-1459.html http://www.debian.org/security/2013/dsa-2773 http://www.debian.org/security/2013/dsa-2774 http://www.ubuntu&# • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 1%CPEs: 35EXPL: 0CVE-2013-4296 – libvirt: invalid free in remoteDispatchDomainMemoryStats
https://notcve.org/view.php?id=CVE-2013-4296
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call. La funcion remoteDispatchDomainMemoryStats en daemon/remote.c de libvirt 0.9.1 hasta 0.10.1.x, 0.10.2.x anterior a 0.10.2.8, 1.0.x anterior a 1.0.5.6, y 1.1.x anterior 1.1.2 permite a usuarios remotos autenticados (deferencia y caida del proceso) a través de un llamada RPC manipulada • http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0 http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2013-1272.html http://rhn.redhat.com/errata/RHSA-2013-1460.html http://secunia.com/advisories/60895 http://security.gentoo.org/glsa/glsa-201412-04.xml http://wiki.libvirt.org/page/Maintenance_Releases http://www.debian.org/security&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 20EXPL: 0CVE-2013-4311 – libvirt: insecure calling of polkit
https://notcve.org/view.php?id=CVE-2013-4311
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. libvirt 1.0.5.x anterior a la versión 1.0.5.6, 0.10.2.x anterior a 0.10.2.8, y 0.9.12.x anterior a la versión 0.9.12.2 permite a usuarios locales evadir restricciones de acceso intencionadas mediante el aprovechamiento de una condición de carrera PolkitUnixProcess PolkitSubject en pkcheck a través de un (1) proceso setuid o (2) proceso pkexec, un problema relacionado con CVE-2013-4288. • http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2013-1272.html http://rhn.redhat.com/errata/RHSA-2013-1460.html http://wiki.libvirt.org/page/Maintenance_Releases http://www.openwall.com/lists/oss-security/2013/09/18/6 http://www.ubuntu.com/usn/USN-1954-1 https://access.redhat.com/security/cve/CVE-2013-4311 https://bugzilla.redhat.com/show_bug.cgi?i • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4288 – polkit: unix-process subject for authorization is racy
https://notcve.org/view.php?id=CVE-2013-4288
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck. Condición de carrera en PolicyKit (también conocida como polkit) permite a usuarios locales evadir restricciones PolicyKit intencionadas y obtener privilegios iniciando un proceso setuid o pkexec antes de que la comproboación de autorización se realice, relacionado con (1) la función de API polkit_unix_process_new, (2) la API dbus, o (3) la opción --process (unix-process) para autorizar a pkcheck. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1002375 http://lists.opensuse.org/opensuse-updates/2013-10/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html http://rhn.redhat.com/errata/RHSA-2013-1270.html http://rhn.redhat.com/errata/RHSA-2013-1460.html http://seclists.org/oss-sec/2013/q3/626 http://www.openwal • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •