CVSS: 6.5EPSS: 95%CPEs: 14EXPL: 4CVE-2012-5612 – MySQL (Linux) - Heap Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5612
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands. El desbordamiento de búfer en la región heap de la memoria en MySQL versión 5.5.19 y otras versiones hasta 5.5.28, y MariaDB versión 5.5.28a y posiblemente otras versiones, de Oracle, permite a los usuarios remotos autenticados causar una denegación de servicio (corrupción de memoria y bloqueo) y posiblemente ejecutar código arbitrario, como es demostrado utilizando ciertas variaciones de los comandos (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE y (12) SET PASSWORD. Oracle MySQL on Linux suffers from a heap overrun vulnerability. • https://www.exploit-db.com/exploits/23076 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html http://seclists.org/fulldisclosure/2012/Dec/5 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.exploit-db.com/exploits/23076 http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.openwall.com/lists/oss-security/2012/12/02/3 ht • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 10%CPEs: 17EXPL: 0CVE-2012-4218
https://notcve.org/view.php?id=CVE-2012-4218
Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Uso después de liberación en la función BuildTextRunsScanner::BreakSink::SetBreaks en Mozilla Firefox antes de v17.0, Thunderbird antes de v17.0 y SeaMonkey antes de v2.14 permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html http://secunia.com/advisories/51369 http://secunia.com/advisories/51370 http://secunia.com/advisories/51381 http://secunia.com/advisories/51434 http:& • CWE-416: Use After Free •
CVSS: 7.5EPSS: 3%CPEs: 17EXPL: 0CVE-2012-5836
https://notcve.org/view.php?id=CVE-2012-5836
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text. Mozilla Firefox antes de 17.0, Thunderbird antes de 17.0 y SeaMonkey antes de 2.14 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de vectores relacionados con el establecimiento de las hojas de estilo en cascada (CSS), en relación con el texto SVG. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html http://osvdb.org/87593 http://secunia.com/advisories/51369 http://secunia.com/advisories/51370 http://secunia.com/advisories/51381 http://secunia • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 1CVE-2012-4204
https://notcve.org/view.php?id=CVE-2012-4204
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. La función str_unescape en el motor Javascript en Mozilla Firefox antes de v17.0 Thunderbird antes de v17.0 y SeaMonkey antes v2.14, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html http://osvdb.org/87592 http://secunia.com/advisories/51369 http://secunia.com/advisories/51370 http://secunia.com/advisories/51381 http://secunia • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 18EXPL: 1CVE-2012-4217
https://notcve.org/view.php?id=CVE-2012-4217
Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Uso después de liberación en la función BnsViewManager::ProcessPendingUpdates en Mozilla Firefox antes de v17.0, Thunderbird antes de v17.0 y SeaMonkey antes de v2.14 permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html http://secunia.com/advisories/51369 http://secunia.com/advisories/51370 http://secunia.com/advisories/51381 http://secunia.com/advisories/51434 http:& • CWE-416: Use After Free •