CVE-2019-13730 – chromium-browser: Type Confusion in V8
https://notcve.org/view.php?id=CVE-2019-13730
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en JavaScript en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1028862 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2019-3688 – squid: /usr/sbin/pinger packaged with wrong permission
https://notcve.org/view.php?id=CVE-2019-3688
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary El binario /usr/sbin/pinger empaquetado con squid en SUSE Linux Enterprise Server 15 anterior e incluyendo la versión 4.8-5.8.1 y en SUSE Linux Enterprise Server 12 anterior e incluyendo la versión 3.5.21-26.17.1, presenta squid:root, permisos 0750 . Esto permitió a un atacante que comprometía al usuario squid conseguir persistencia al cambiar el binario. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html https://bugzilla.suse.com/show_bug.cgi?id=1093414 • CWE-276: Incorrect Default Permissions •
CVE-2018-19655
https://notcve.org/view.php?id=CVE-2018-19655
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. Un desbordamiento de búfer basado en pila en la función find_green() de dcraw hasta la versión 9.28, tal y como se emplea en ufraw-batch y muchos otros productos, podría permitir que un atacante remoto provoque el secuestro de un flujo de control, denegación de servicio (DoS) u otro tipo de impacto sin especificar mediante un archivo de fotografía RAW maliciosamente manipulado. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3JX4A5F4DWP6NOEULXQXZ5AIH4GA62U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD65NMWZ5OQNUIF7CLGKLDG4LVPPMJY7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK4SHVVIZT6FHJVHOQSAFJMQWDLMWKDE • CWE-787: Out-of-bounds Write •
CVE-2018-12122 – nodejs: Slowloris HTTP Denial of Service
https://notcve.org/view.php?id=CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Node.js: Todas las versiones anteriores a la 6.15.0, 8.14.0, 10.14.0 y 11.3.0: Denegación de servicio (DoS) HTTP mediante Slowloris. Un atacante puede provocar una denegación de servicio (DoS) enviando cabeceras muy lentamente, manteniendo las conexiones HTTP o HTTPS y los recursos asociados vivos durante un largo período de tiempo. It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service. • http://www.securityfocus.com/bid/106043 https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12122 https://bugzilla.redhat.com/show_bug.cgi?id=1661005 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-12116 – nodejs: HTTP request splitting
https://notcve.org/view.php?id=CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separación de petición HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opción "path" de una petición HTTP, los datos pueden proporcionarse para desencadenar una segunda petición HTTP no esperada y definida por el usuario para el mismo servidor. • https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12116 https://bugzilla.redhat.com/show_bug.cgi?id=1660998 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') CWE-115: Misinterpretation of Input •