CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-2416 – mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types
https://notcve.org/view.php?id=CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. Múltiples vulnerabilidades de uso anterior a la liberación en libxml2 v2.5.10, v2.6.16, v2.6.26, v2.6.27, y v2.6.32, y libxml v1.8.17, permite a atacantes dependientes de contexto producir una denegación de servicio (caída de aplicación) a través de una ,manipulación de (1) una notación o (2) tipos de atributo de enumeración en un fichero XML como se demostró en Codenomicon XML fuzzing framework. • http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/35036 http://secunia.com/advisories/36207 http://secunia.com/advisories/36338 http://secunia • CWE-416: Use After Free •
CVSS: 9.3EPSS: 22%CPEs: 22EXPL: 0CVE-2009-1726
https://notcve.org/view.php?id=CVE-2009-1726
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile. Desbordamiento de búfer basado en memoria dinámica en ColorSync en Apple Mac OS X v10.4.11 y v10.5 anterior a v10.5.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de una imagen manipulada que contiene un perfil ColorSync incrustado. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://osvdb.org/56845 http://secunia.com/advisories/36096 http://secunia.com/advisories/40105 http://secunia.com/advisories/40196 http://support.apple.com/kb/HT3757 http://support.apple.com/kb/HT4196 http://support.apple.com/kb/HT4220 http://www.se • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 10%CPEs: 44EXPL: 0CVE-2009-1728
https://notcve.org/view.php?id=CVE-2009-1728
Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. Desbordamiento de Pila basado en búfer en Image RAW en Apple Mac OS X v10.5 anterior a v10.5.8, y v10.4 anterior a Digital Camera RAW Compatibility Update v2.6(actualización de compatibilidad con cámara digital RAW v2.6), permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de una imagen Canon RAW manipulada. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html http://osvdb.org/56843 http://secunia.com/advisories/36096 http://support.apple.com/kb/HT3757 http://www.securityfocus.com/bid/35954 http://www.securitytracker.com/id?1022674 http://www.us-cert.gov/cas/techalerts/TA09-218A.html http://www.vupen.com/english/advisories/2009/2172 https://exchange.xforce.ibmcloud.com/vulnerabilities/52423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2009-2191
https://notcve.org/view.php?id=CVE-2009-2191
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name. Vulnerabilidad de formato de cadena en la ventana de inicio de sesión (Login Window) en Apple Mac OS X v10.4.11 y v10.5 anterior a v10.5.8 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de especificadores de formato de cadena en un nombre de aplicación. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html http://osvdb.org/56840 http://secunia.com/advisories/36096 http://support.apple.com/kb/HT3757 http://www.securityfocus.com/bid/35954 http://www.us-cert.gov/cas/techalerts/TA09-218A.html http://www.vupen.com/english/advisories/2009/2172 https://exchange.xforce.ibmcloud.com/vulnerabilities/52428 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 3CVE-2009-0949 – CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. La función ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versión 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída del demonio) mediante una solicitud de programación (scheduler) con dos etiquetas IPP_TAG_UNSUPPORTED consecutivas. • https://www.exploit-db.com/exploits/33020 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35322 http://secunia.com/advisories/35328 http://secunia.com/advisories/35340 http://secunia.com/advisories/35342 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 http://securitytracker.com/id?1022321 http://support.apple.com/kb/HT3865 http&# • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •