Page 41 of 206 results (0.019 seconds)

CVSS: 10.0EPSS: 88%CPEs: 15EXPL: 1

CVE-2008-3529 – Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)

https://notcve.org/view.php?id=CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Desbordamiento de búfer basado en pila en la función xmlParseAttValueComplex en el módulo parser.c de libxml2 versiones anteriores a 2.7.0 permite a atacantes dependientes del contexto provocar una denegación de servicio (parada inesperada) o la posibilidad de ejecutar código de su elección al utilizar un nombre largo de entidad XML. • https://www.exploit-db.com/exploits/8798 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg00000.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://secunia.com/advisories/31558 http://secunia.com/advisories/31855 http://secunia.com/advisories/31860 http://secunia.com/advisories/31868 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0

CVE-2008-1945 – qemu/kvm/xen: add image format options for USB storage and removable media

https://notcve.org/view.php?id=CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. QEMU 0.9.0 no maneja apropiadamente cambio de medios extraíbles, lo cual permite a usuarios invitados del sistema operativo leer ficheros de su elección en el Host del sistema operativo utilizando el diskformat: parámetro en la opción -usbdevice para modificar la cabecera disk-image para identificar un formato diferente, una cuestión relacionada a CVE-2008-2004. • http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/32063 http://secunia.com/advisories/32088 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 http://secunia.com/advisories/35062 http://www.debian.org/security/2009/dsa-1799 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.securityfocus.com/bid/30604 http://www.securitytracker.com/id?1020959 http://www.ubuntu.com/usn/usn-776& •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1

CVE-2008-2371

https://notcve.org/view.php?id=CVE-2008-2371

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. Desbordamiento de búfer basado en montículo en pcre_compile.c en la biblioteca Perl-Compatible Regular Expression (PCRE) 7.7, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o la posibilidad de ejecutar código de su elección a través de expresiones regulares que comienzan con un opción y contienen múltiples ramas. • http://bugs.gentoo.org/show_bug.cgi?id=228091 http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://secunia.com/advisories/30916& • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 1

CVE-2008-2712 – Vim 7.x - Vim Script Multiple Command Execution Vulnerabilities

https://notcve.org/view.php?id=CVE-2008-2712

Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075. Vim 7.1.314, 6.4 y otras versiones, permiten a atacantes remotos asistidos por el usuario ejecutar comandos de su elección a través de secuencias de comandos Vim que cuyos inputs no son limpiados correctamente previa a la ejecución o las funciones del sistema como se ha demostrado con (1) filetype.vim, (2) zipplugin, (3) xpm.vim, (4) gzip_vim y (5) netrw. • https://www.exploit-db.com/exploits/31911 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://secunia.com/advisories/30731 http://secunia.com/advisories/32222 http://secunia.com/advisories/32858 http://secunia.com/advisories/32864 http://secunia.com/a • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 3%CPEs: 7EXPL: 0

CVE-2008-2009 – vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree()

https://notcve.org/view.php?id=CVE-2008-2009

Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function. Xiph.org libvorbis versiones anteriores a 1.0 no comprueba apropiadamente para árboles poco poblados Huffman, lo cual permite a atacantes remotos provocar una denegación de servicio (caída) a través de ficheros OGG manipulados que disparan una corrupción de memoria durante la ejecución de la función _make_decode_tree. • http://secunia.com/advisories/30247 http://www.redhat.com/support/errata/RHSA-2008-0271.html http://www.securitytracker.com/id?1020029 http://www.ubuntu.com/usn/USN-861-1 http://www.vupen.com/english/advisories/2008/1510/references https://bugzilla.redhat.com/show_bug.cgi?id=444443 https://exchange.xforce.ibmcloud.com/vulnerabilities/42521 https://access.redhat.com/security/cve/CVE-2008-2009 •