CVE-2014-9848
https://notcve.org/view.php?id=CVE-2014-9848
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). Fuga de memoria en ImageMagick permite a atacantes remotos provocar una denegación de servicio (consumo de memoria). • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://www.ubuntu.com/usn/USN-3131-1 https://bugzilla.redhat& • CWE-399: Resource Management Errors •
CVE-2017-5930 – Postfixadmin Protected Alias Deletion
https://notcve.org/view.php?id=CVE-2017-5930
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. El componente AliasHandler en PostfixAdmin en versiones anteriores a 3.0.2 permiten a los administradores de dominio autenticados remotos eliminar alias protegidos a través del parámetro delete para delete.php, implicando un cheque de permiso desaparecido. Postfixadmin installations between 2.91 and 3.0.1 do not check if an admin is allowed to delete protected aliases. This vulnerability can be used to redirect protected aliases to an other mail address. Eg. rewrite the postmaster@domain alias. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00076.html http://www.openwall.com/lists/oss-security/2017/02/08/1 http://www.openwall.com/lists/oss-security/2017/02/09/1 http://www.securityfocus.com/bid/96142 https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT https://github.com/postfixadmin/postfixadmin/pull/23 https://sourceforge.net/p/postfixadmin/mailman/message/35646827 • CWE-862: Missing Authorization •
CVE-2017-6318
https://notcve.org/view.php?id=CVE-2017-6318
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. saned en sane-backends 1.0.25 permite a atacantes remotos obtener información sensible de la memoria a través de un paquete SANE_NET_CONTROL_OPTION manipulado. • http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035054.html http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035059.html http://lists.opensuse.org/opensuse-updates/2017-03/msg00016.html http://www.securityfocus.com/bid/97028 https://alioth.debian.org/tracker/index.php?func=detail&aid=315576 https://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html https://usn.ubuntu.com/4470-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-9842
https://notcve.org/view.php?id=CVE-2014-9842
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Fuga de memoria en la función ReadPSDLayers en coders/psd.c en ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd12786 • CWE-400: Uncontrolled Resource Consumption •
CVE-2014-9850
https://notcve.org/view.php?id=CVE-2014-9850
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). Error lógico en ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (consumo de recursos). • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://www.ubuntu.com/usn/USN-3131-1 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2257d1eadd02d89d225fce21013a1219d221dc7d https://bugzilla.redhat. • CWE-399: Resource Management Errors •