CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 1CVE-2013-2852 – Linux Kernel 3.3.5 - 'b43' Wireless Driver Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-2852
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message. Vulnerabilidad de formato de cadena en la función b43_request_firmware de drivers/net/wireless/b43/main.c en el driver del Broadcom B43 inhalambrico para el kernel Linux hasta la versión v3.9.4 permite a usuarios locales conseguir privilegios haciendo uso de acceso root e incluyendo especificaciones de formato de cadena en un parámetro fwpostfix modprobe, provocando una construcción inapropiada de un mensaje de error • https://www.exploit-db.com/exploits/38559 http://git.kernel.org/cgit/linux/kernel/git/linville/wireless.git/commit/?id=9538cbaab6e8b8046039b4b2eb6c9d614dc782bd http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://rhn.redhat.com/errata/RHSA-2013-1051.html http://rhn.redhat.com/errata/RHSA-2013-1450.html http://www.debian.org/security/2013/dsa-2766 http://www.openwall.com/lists/oss-security/2013 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 2CVE-2013-2037
https://notcve.org/view.php?id=CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. httplib2 0.7.2, 0.8 y anteriores, despues de la conexión inicial, no verifica que el hostname del servidor es igual al nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo cual permite a atacantes man-in-the-middle falsear servidores SSL a través de un certificado válido arbitrario. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706602 http://code.google.com/p/httplib2/issues/detail?id=282 http://seclists.org/oss-sec/2013/q2/257 http://www.securityfocus.com/bid/52179 http://www.ubuntu.com/usn/USN-1948-1 https://bugs.launchpad.net/httplib2/+bug/1175272 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1981 – libX11: Multiple integer overflows leading to heap-based buffer-overflows
https://notcve.org/view.php?id=CVE-2013-1981
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. Múltiples desbordamientos de enteros en X.org libX11 v1.5.99.901 (1.6 RC1) y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, y (10) XGetImage. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html http://www.debian.org/security/2013/dsa-2693 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.securityfocus.com/bid/60120 http://www.ubuntu.com/usn/USN-1854-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1981 https://bugzilla.redhat.com/show_bug.cgi?id=959040 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 0CVE-2013-1987 – libXrender: Multiple integer overflows leading to heap-based bufer overflows
https://notcve.org/view.php?id=CVE-2013-1987
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions. Múltiples desbordamientos de enteros en X.org libxrender v0.9.7 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XRender QueryFilters, (2) XRenderQueryFormats, y (3) XRenderQueryPictIndexValues??. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106862.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00141.html http://www.debian.org/security/2013/dsa-2677 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.securityfocus.com/bid/60132 http://www.ubuntu.com/usn/USN-1863-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access.redhat.com/security/cve/CVE-2013-1987 https://bugzilla.redhat.com/show& • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2013-2064 – libxcb: Integer overflow leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2013-2064
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function. Desbordamiento de entero en X.org libxcb v1.9 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con la función read_packet. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106752.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00137.html http://www.debian.org/security/2013/dsa-2686 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/60148 http://www.ubuntu.com/usn/USN-1855-1 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 https://access. • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •