Page 36 of 249 results (0.015 seconds)

CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0

CVE-2009-0269 – kernel: ecryptfs readlink flaw

https://notcve.org/view.php?id=CVE-2009-0269

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index. El codigo fuente del fichero fs/ecryptfs/inode.c en el subsistema eCryptfs de versiones del kernel de Linux anteriores a la 2.6.28.1 permite a usuarios locales provocar una denegación de servicio (con fallo o corrupción de memoria), o posiblemente tener algún otro impacto no especificado, a través de una llamada a readlink que resulta en un error que provoca un valor de retorno -1 en el indice de un array. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://secunia.com/advisories/33758 http://secunia.com/advisories/34394 http://secunia.com/advisories/34502 http://secunia.com/advisories/34981 http: • CWE-787: Out-of-bounds Write •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

CVE-2008-4539

https://notcve.org/view.php?id=CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320. Desbordamiento de búfer basado en montículo en la implementación Cirrus VGA en (1) KVM anterior a kvm-82 y (2) QEMU sobre Debian GNU/Linux y Ubuntu, podría permitir a usuarios locales obtener privilegios mediante el uso de la consola VNC para realizar una conexión, también conocido como el desbordamiento LGD-54XX "bitblt". NOTA: esta cuestión existe por una incorrecta corrección del CVE-2007-1320. • http://git.kernel.dk/?p=qemu.git%3Ba=commitdiff%3Bh=65d35a09979e63541afc5bfc595b9f1b1b4ae069 http://groups.google.com/group/linux.debian.changes.devel/msg/9e0dc008572f2867?dmode=source http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/25073 http://secunia.com/advisories/29129 http://secunia.com/advisories/33350 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 http://secunia.com/advisories/35062 http://svn.savannah.gnu. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 0

CVE-2008-5500 – Layout engine crashes - Firefox 2 and 3

https://notcve.org/view.php?id=CVE-2008-5500

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow. El motor de diseño de Mozilla Firefox 3.x anterior a 3.0.5 y 2.x anterior a 2.0.0.19, Thunderbird 2.x anterior a 2.0.0.19 y SeaMonkey 1.x anterior a 1.1.14, permite a atacantes remotos provocar una denegación de servicio (caída) y probablemente provocar una corrupción de memoria a través de vectores relacionados con (1) un fallo de aserción o (2) un desbordamiento de entero. • http://secunia.com/advisories/33184 http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33204 http://secunia.com/advisories/33205 http://secunia.com/advisories/33216 http://secunia.com/advisories/33231 http://secunia.com/advisories/33232 http://secunia.com/advisories/33408 http://secunia.com/advisories/33415 http://secunia.com/advisories/33421 http://secunia.com/advisories/33433 http:/& • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 5%CPEs: 5EXPL: 0

CVE-2008-5501 – Layout engine crash - Firefox 3 only

https://notcve.org/view.php?id=CVE-2008-5501

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure. El motor de diseño en Mozilla Firefox 3.x en versiones anteriores 3.0.5, Thunderbird 2.x en versiones anteriores a 2.0.0.19, y SeaMonkey 1.x en versiones anteriores 1.1.14 que permite a los atacantes remotos causar una denegación de servicios a través de vectores que lanzar un fallo de evaluación. • http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33216 http://secunia.com/advisories/33421 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 http://www.mozilla.org/security/announce/2008/mfsa2008-60.html http://www.redhat.com/support/errata/RHSA-2008-1036.html http://ww •

CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 0

CVE-2008-5502 – JavaScript engine crash - Firefox 3 only

https://notcve.org/view.php?id=CVE-2008-5502

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions. El motor de diseño en Mozilla Firefox 3.x antes de v3.0.5, Thunderbird 2.x antes de v2.0.0.19 y SeaMonkey 1.x antes de v1.1.14 permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores que disparan una corrupción de memoria, relacionada con las funciones GetXMLEntity y FastAppendChar. • http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33216 http://secunia.com/advisories/33421 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 http://www.mozilla.org/security/announce/2008/mfsa2008-60.html http://www.redhat.com/support/errata/RHSA-2008-1036.html http://ww • CWE-399: Resource Management Errors •