Page 4 of 259 results (0.033 seconds)

CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 1

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. libxml2 anterior v2.7.8, como el usado en Google Chrome anterior v7.0.517.44, Apple Safari v5.0.2 y anteriores, otros productos, ree desde localizaciones de memoria inválidas durante el procesado de expresiones XPath malformadas, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (caída aplicación) a través de un documento XML. • http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari http://code.google.com/p/chromium/issues/detail?id=58731 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •

CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 7

The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. La función utf8_decode en PHP anterior v5.3.4 no maneja adecuadamente la codificación UTF-8 corta y las secuencias malformadas en los datos UTF-8, lo que hace fácil para los atacantes remotos superar los mecanismos de protección en la secuencia de comandos en sitios cruzados (XSS) e inyección de SQL a través de cadenas manipuladas. • https://www.exploit-db.com/exploits/34950 http://bugs.php.net/bug.php?id=48230 http://bugs.php.net/bug.php?id=49687 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http:&# • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 69%CPEs: 26EXPL: 0

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. ipp.c en cupsd en CUPS v1.4.4 y anteriores no asigna correctamente memoria para valores de atributo con tipos de datos de cadena inválidos, permitiendo a atacantes remotos provocar una denegación de servicio (uso después de liberación y caída de la aplicación) o posiblemente ejecutar código arbitrario mediante una solicitud IPP manipulada. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://rhn.redhat.com/errata/RHSA&# • CWE-416: Use After Free •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. fopen_wrappers.c en PHP v5.3.x hasta v5.3.3 podría permitir a atacantes remotos evitar las restricciones open_basedir a través de vectores relativos a la longitud del nombre de usuario. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://secunia.com/advisories/42729 http://secunia.com/advisories/42812 http://security-tracker.debian.org/tracker/CVE-2010-3436 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 2

The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. La función ZipArchive::getArchiveCommen en PHP v5.2.x hasta v5.2.14 y v5.3.3 hasta v5.3.x permite a atacantes dependientes de contexto para provocar una denegación de servicio (desreferencia a puntero NULL y caída de la aplicación) a través de un archivo ZIP manipulado. PHP versions 5.3.3 and 5.2.14 suffer from a ZipArchive::getArchiveComment NULL pointer dereference vulnerability. • https://www.exploit-db.com/exploits/15431 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://secunia.com/advisories/42729 http://secunia.com/advisories/42812 http://securityreason.com/achievement_s • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •