CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2014-6051 – libvncserver: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling
https://notcve.org/view.php?id=CVE-2014-6051
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. Desbordamiento de enteros en la función MallocFrameBuffer en vncviewer.c en LibVNCServer 0.9.9 y anteriores permite a servidores remotos VNC causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un anuncio para un tamaño grande de pantalla, lo que provoca un desbordamiento de buffer basado en memoria dinámica. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html http://rhn.redhat.com/errata/RHSA-2015-0113.html http://seclists.org/oss-sec/2014/q3/639 http://secunia.com/advisories/61506 http://www.debian.org/security/2014/dsa-3081 http://www.ocert.org/advisories/ocert-2014-007.html http://www.openwall.com/lists& • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 63%CPEs: 9EXPL: 0CVE-2014-1563
https://notcve.org/view.php?id=CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection. Vulnerabilidad de uso después de liberación en la función mozilla::DOMSVGLength::GetTearOff en Mozilla Firefox anterior a 32.0, Firefox ESR 31.x anterior a 31.1 y Thunderbird 31.x anterior a 31.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria dinámica) a través de una animación SVG con interacción DOM que provoca la recolección incorrecta de ciclos. • http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html http://secunia.com/advisories/60148 http://secunia.com/advisories/61114 http://www.mozilla.org/security/announce/2014/mfsa2014-68.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html • CWE-416: Use After Free •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-1561
https://notcve.org/view.php?id=CVE-2014-1561
Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. Mozilla Firefox anterior a 31.0 no restringe debidamente el uso de eventos de arrastrar y soltar para falsificar eventos de personalización, lo que permite a atacantes remotos alterar la colocación de iconos de la interfaz del usuario a través de código JavaScript manipulado que se encuentra durante la personalización de (1) páginas, (2) paneles o (3) barras de herramientas. • http://secunia.com/advisories/59760 http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-60.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030619 https://bugzilla.mozilla.org/show_bug.cgi?id=1000514 https://bugzilla.mozilla.org/show_bug.cgi?id=910375 https://security.gentoo.org/glsa/201504-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 1%CPEs: 23EXPL: 0CVE-2014-1557 – Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)
https://notcve.org/view.php?id=CVE-2014-1557
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. La función ConvolveHorizontally en Skia, utilizado en Mozilla Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, no maneja debidamente el descarte de datos de imágenes durante la ejecución de la función, lo que permite a atacantes remotos ejecutar código arbitrario mediante la provocación del escalado prolongado de imágenes, tal y como fue demostrado mediante el escalado de un imagen de alta calidad. • http://linux.oracle.com/errata/ELSA-2014-0918.html http://secunia.com/advisories/59591 http://secunia.com/advisories/59719 http://secunia.com/advisories/59760 http://secunia.com/advisories/60083 http://secunia.com/advisories/60306 http://secunia.com/advisories/60486 http://secunia.com/advisories/60621 http://secunia.com/advisories/60628 http://www.debian.org/security/2014/dsa-2986 http://www.debian.org/security/2014/dsa-2996 http://www.mozilla.org/security/announce/ • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2014-4260 – mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)
https://notcve.org/view.php?id=CVE-2014-4260
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores y 5.6.17 y anteriores, permite a usuarios remotos autenticados afectar la integridad y disponibilidad a través de vectores relacionados con SRCHAR. • http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/60425 http://www.debian.org/security/2014/dsa-2985 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.securityfocus.com/archive/1/534161/100/0/threaded http:&# •