CVSS: 2.1EPSS: 0%CPEs: 174EXPL: 0CVE-2012-1717 – OpenJDK: insecure temporary file permissions (JRE, 7143606)
https://notcve.org/view.php?id=CVE-2012-1717
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, y v1.4.2_37 y anteriores permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos relacionados con el la impresión en Solaris o Linux. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.redhat.com/errata/RHSA-2012-1243.html http://rhn.redhat& • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.0EPSS: 0%CPEs: 22EXPL: 0CVE-2012-0876 – expat: hash table collisions CPU usage DoS
https://notcve.org/view.php?id=CVE-2012-0876
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. El analizador XML (xmlparse.c) en expat antes de v2.1.0 calcula los valores de hash sin restringir la capacidad de desencadenar colisiones hash de forma predecible, lo que permite causar una denegación de servicio (por consumo de CPU) a atacantes dependientes de contexto a través de un archivo XML con muchos identificadores con el mismo valor. A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. • http://bugs.python.org/issue13703#msg151870 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html http://rhn.redhat.com/errata/RHSA-2012-0731.html http://rhn.redhat.com/errata/RHSA-2016-0062.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://secunia.com/advisories/49504 http://secunia.com/advisories/51024 • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.3EPSS: 96%CPEs: 13EXPL: 3CVE-2011-0419 – Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service
https://notcve.org/view.php?id=CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. Vulnerabilidad de agotamiento de pila en la función fnmatch implementada en apr_fnmatch.c en la librería de Apache Portable Runtime (APR) anterior a v1.4.3 y en Apache HTTP Server anterior a v2.2.18, y en fnmatch.c en libc en NetBSD v5.1, OpenBSD v4.8, FreeBSD, Apple Mac OS X v10.6, Oracle Solaris 10, y Android permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de CPU y memoria) a través de secuencias "*?" en el primer argumento, como se demostró con los ataques contra mod_autoindex en httpd. • https://www.exploit-db.com/exploits/35738 http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22 http://cxib.net/stuff/apache.fnmatch.phps http://cxib.net/stuff/apr_fnmatch.txts http://httpd.apache.org/security/vulnerabilities_22.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html http://marc.info/?l=bugtraq&m=131551295528105&w=2 http://marc.info/&# • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.3EPSS: 97%CPEs: 156EXPL: 3CVE-2010-3654 – Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
https://notcve.org/view.php?id=CVE-2010-3654
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. Flash Player de Adobe anterior a versión 9.0.289.0 y versiones 10.x anteriores a 10.1.102.64 en Windows, Mac OS X, Linux y Solaris y versión 10.1.95.1 en Android, y authplay.dll (también se conoce como AuthPlayLib.bundle o libauthplay.so.0.0.0) en Reader y Acrobat de Adobe versiones 9.x hasta 9.4, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de aplicación) por medio de contenido SWF diseñado, como se explotó “in the wild” en octubre de 2010. • https://www.exploit-db.com/exploits/17187 https://www.exploit-db.com/exploits/16667 http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html http://secunia.com/advisorie • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 20EXPL: 0CVE-2010-1321 – krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
https://notcve.org/view.php?id=CVE-2010-1321
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. Vulnerabilidad en la función "kg_accept_krb5" en "krb5/accept_sec_context.c" de la librería GSS-API en MIT Kerberos v5 (también conocido como krb5) a través de v1.7.1 y v1.8 anterior a v1.8.2, como los usados en "kadmind" y otras aplicaciones, no comprueban adecuadamente vales (tokens) GSS-API inválidos, que permiten a usuarios autenticados remotamente causar una denegación de servicio (referencia a puntero nulo y caída del demonio) a través de un mensaje AP-REQ en el cual se pierde el campo "checksum" del usuario autenticado. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce • CWE-476: NULL Pointer Dereference •