CVE-2012-5630
https://notcve.org/view.php?id=CVE-2012-5630
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. libuser versiones 0.56 y 0.57, presenta una condición de carrera TOCTOU (de tiempo de comprobación y de tiempo de uso) cuando se copia y elimina árboles de directorios. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html https://access.redhat.com/security/cve/cve-2012-5630 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5630 https://security-tracker.debian.org/tracker/CVE-2012-5630 https://www.securityfocus.com/bid/59285 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2012-5617
https://notcve.org/view.php?id=CVE-2012-5617
gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation gksu-polkit: el archivo de configuración de política PolicyKit permisivo permite una escalada de privilegios. • http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113182.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113218.html http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099739.html http://www.openwall.com/lists/oss-security/2012/12/12/8 http://www.securityfocus.com/bid/56918 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5617 https://security-tracker.debian.org/tracker/CVE-2012-5617 • CWE-269: Improper Privilege Management •
CVE-2012-5535
https://notcve.org/view.php?id=CVE-2012-5535
gnome-system-log polkit policy allows arbitrary files on the system to be read La política polkit de gnome-system-log, permite leer archivos arbitrarios en el sistema. • http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094059.html http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094181.html https://access.redhat.com/security/cve/cve-2012-5535 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5535 https://security-tracker.debian.org/tracker/CVE-2012-5535 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-7810
https://notcve.org/view.php?id=CVE-2015-7810
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files La clase libbluray MountManager presenta una carrera de tiempo de comprobación y tiempo de uso (TOCTOU) cuando se expanden archivos JAR. • http://www.openwall.com/lists/oss-security/2015/10/12/7 http://www.securityfocus.com/bid/72769 https://access.redhat.com/security/cve/cve-2015-7810 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7810 https://security-tracker.debian.org/tracker/CVE-2015-7810 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2013-4409
https://notcve.org/view.php?id=CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Existe una vulnerabilidad de la función eval() en Python Software Foundation Djblets versión 0.7.21 y Beanbag Review Board versiones anteriores a la versión 1.7.15, cuando se analizan peticiones JSON. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html http://www.securityfocus.com/bid/63029 https://access.redhat.com/security/cve/cve-2013-4409 https:/& • CWE-20: Improper Input Validation •