CVE-2010-4744
https://notcve.org/view.php?id=CVE-2010-4744
Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054424.html http://moinejf.free.fr/abcm2ps-5.txt http://secunia.com/advisories/43338 http://www.vupen.com/english/advisories/2011/0390 https://bugzilla.redhat.com/show_bug.cgi?id=600729 •
CVE-2010-4743
https://notcve.org/view.php?id=CVE-2010-4743
Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054424.html http://moinejf.free.fr/abcm2ps-5.txt http://secunia.com/advisories/40033 http://secunia.com/advisories/43338 http://www.vupen.com/english/advisories/2011/0390 https://bugzilla.redhat.com/show_bug.cgi?id=600729 • CWE-787: Out-of-bounds Write •
CVE-2011-0495
https://notcve.org/view.php?id=CVE-2011-0495
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function. • http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff http://downloads.asterisk.org/pub/security/AST-2011-001.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html http://osvdb.org/70518 http://secunia.com/advisories/42935 http://secunia.com/advisories/43119 http://secunia.com/advisories/43373 http://www.debian.org/security/2011/dsa-2171 http://www • CWE-787: Out-of-bounds Write •
CVE-2010-4162 – kernel: bio: integer overflow page count when mapping/copying user data
https://notcve.org/view.php?id=CVE-2010-4162
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb4644cac4a2797afc847e6c92736664d4b0ea34 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://l • CWE-190: Integer Overflow or Wraparound •
CVE-2010-4158 – Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure
https://notcve.org/view.php?id=CVE-2010-4158
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. • https://www.exploit-db.com/exploits/34987 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=57fe93b374a6b8711995c2d466c502af9f3a08bb http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •