CVSS: 3.3EPSS: 0%CPEs: 16EXPL: 0CVE-2009-5044
https://notcve.org/view.php?id=CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. contrib/pdfmark/pdfroff.sh en GNU troff (también conocido como groff) antes de v1.21 permite sobreescribir ficheros de su elección a los usuarios locales a través de un ataque de enlace simbólico sobre un fichero temporal pdf#####.tmp . • ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330 http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1%3Br2=1.2%3Bf=h http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://openwall.com/lists/oss-security/2009/08/09/1 http://ope • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2192 – curl: Improper delegation of client credentials during GSS negotiation
https://notcve.org/view.php?id=CVE-2011-2192
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. La función Curl_input_negotiate en http_negotiate.c en libcurl v7.10.6 a v7.21.6, tal y como se utiliza en curl y otras aplicaciones, siempre lleva a cabo delegación de credenciales durante la autenticación GSSAPI, lo que permite a hacerse pasar por clientes legitimos a servidores remotos a través de peticiones GSSAPI. • http://curl.haxx.se/curl-gssapi-delegation.patch http://curl.haxx.se/docs/adv_20110623.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062287.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061992.html http://secunia.com/advisories/45047 http://secunia.com/advisories/45067 http://secunia.com/advisories/45088 http://secunia.com/advisories/45144 http://secunia.com/ • CWE-255: Credentials Management Errors •
CVSS: 7.5EPSS: 8%CPEs: 8EXPL: 0CVE-2011-1755 – jabberd: DoS via the XML "billion laughs attack"
https://notcve.org/view.php?id=CVE-2011-1755
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. jabberd2 antes de v2.2.14 no detecta correctamente la recursividad durante la expansión de la entidad, lo que permite a atacantes remotos provocar una denegación de servicio ( consumo de memoria y CPU ) a través de un documento XML manipulado que contiene un gran número de referencias a entidades anidadas, un problema similar a CVE-2003-1564. • http://codex.xiaoka.com/svn/jabberd2/tags/jabberd-2.2.14/ChangeLog http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061341.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061458.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061482.html http://secunia.com/advisories/44787 http://secunia.com/advisories/44957 http://secunia.com/advisories/45112 http:/ • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 6.8EPSS: 1%CPEs: 14EXPL: 0CVE-2011-0177
https://notcve.org/view.php?id=CVE-2011-0177
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font. Múltiples desbordamientos de búfer en Apple Type Services (ATS) en Apple Mac OS X antes de v10.6.7 permite a atacantes remotos ejecutar código de su elección a través de un documento que contiene una tabla SFNT manipulada en una fuente embebida. • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2011-0183
https://notcve.org/view.php?id=CVE-2011-0183
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue." Libinfo en Apple Mac OS X antes de v10.6.7 no controla correctamente un campo entero sin especificar en un paquete NFS RPC, que permite a atacantes remotos provocar una denegación de servicio (lockd, statd, mountd, o corte de portmap) a través de un paquete manipulado, relacionado con un "fallo de truncado de entero". • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-189: Numeric Errors •