Page 5 of 61 results (0.019 seconds)

CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0

CVE-2010-3702 – xpdf: uninitialized Gfx::parser pointer dereference

https://notcve.org/view.php?id=CVE-2010-3702

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. La función Gfx::getPos en el analizador PDF en Xpdf versión anterior a 3.02 PL5, Poppler versión 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros productos permite que los atacantes dependiendo del contexto generen una denegación de servicio (bloqueo) por medio de vectores desconocidos que desencadenan una desreferencia de puntero no inicializada. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html http://lists.fedoraproject.org/pipermail/package • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 7%CPEs: 10EXPL: 1

CVE-2010-0013 – Pidgin MSN 2.6.4 - File Download

https://notcve.org/view.php?id=CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. Vulnerabilidad de salto de directorio en slp.c en el complemento del protocolo MSN en libpurple en Pidgin v2.6.4 y Adium v1.3.8 permite a atacantes remotos leer ficheros de su elección a través de un .. (punto punto) en una petición emoticono MSN application/x-msnmsgrp2p (también conocido como emoticono personalizado), un caso relaciona con CVE-2004-0122. • https://www.exploit-db.com/exploits/11203 http://d.pidgin.im/viewmtn/revision/info/3d02401cf232459fc80c0837d31e05fae7ae5467 http://d.pidgin.im/viewmtn/revision/info/4be2df4f72bd8a55cdae7f2554b73342a497c92f http://d.pidgin.im/viewmtn/revision/info/c64a1adc8bda2b4aeaae1f273541afbc4f71b810 http://developer.pidgin.im/viewmtn/revision/diff/3d02401cf232459fc80c0837d31e05fae7ae5467/with/c64a1adc8bda2b4aeaae1f273541afbc4f71b810/libpurple/protocols/msn/slp.c http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://lists.fedoraproject.org/piperma • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0

CVE-2009-3080 – kernel: gdth: Prevent negative offsets in ioctl

https://notcve.org/view.php?id=CVE-2009-3080

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. Error de indice de matriz en la función gdth_read_event en drivers/scsi/gdth.c en el kernel de Linux antes de v2.6.32-RC8 permite a usuarios locales provocar una denegación de servicio o posiblemente obtener privilegios a través de un índice de evento negativo en una solicitud IOCTL. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html http://secunia. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •

CVSS: 7.5EPSS: 8%CPEs: 14EXPL: 0

CVE-2009-3553 – cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface

https://notcve.org/view.php?id=CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. Vulnerabilidad de uso anterior a la liberación en el descriptor de fichero abstracto de cuelgue de interface en la función cupsdDoSelect en scheduler/select.c en el scheduler en cupsd en CUPS v1.3.7 y v1.3.10 permite a los atacantes remoto causar una denegación de servicio (caída o cuelque del demonio) a través de una desconexión de cliente durante el listado de una elevado número de trabajos de impresión, en relación al mantenimiento inapropiado de un contador de referencia. NOTA: algunos de estos detalles han sido obtenidos de información de terceros. • http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html http://secunia.com/advisories/37360 http://secunia.com/advisories/37364 http://secunia.com/advisories/38241 http://secunia.com/advisories/43521 http://security.gentoo.org/glsa/glsa-201207-10.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1 http://support.apple.com/kb/HT4004 http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs http://www.cups.org/newsgroups.php/newsgr • CWE-416: Use After Free •

CVSS: 7.2EPSS: 0%CPEs: 32EXPL: 7

CVE-2009-3547 – Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2009-3547

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. Múltiples condiciones de carrera en fs/pipe.c en el kernel de Linux anteriores a v2.6.32-rc6 permite a usuarios locales producir una denegación de servicio )desreferencia a puntero NULL y caída del sistema) o conseguir privilegios mediante la apertura de un canal anónimo en la ruta /proc/*/fd/. • https://www.exploit-db.com/exploits/9844 https://www.exploit-db.com/exploits/33321 https://www.exploit-db.com/exploits/10018 https://www.exploit-db.com/exploits/33322 https://www.exploit-db.com/exploits/40812 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference CWE-672: Operation on a Resource after Expiration or Release •