CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2018-5161 – Mozilla: Hang via malformed headers
https://notcve.org/view.php?id=CVE-2018-5161
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. Las cabeceras de mensaje manipuladas pueden hacer que un proceso Thunderbird deje de responder al recibir el mensaje. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR y las versiones anteriores a la 52.8 de Thunderbird. • http://www.securitytracker.com/id/1040946 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1411720 https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3660-1 https://www.debian.org/security/2018/dsa-4209 https://www.mozilla.org/security/advisories/mfsa2018-13 https://access.redhat.com/security/cve&#x • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2018-5162 – Mozilla: Encrypted mail leaks plaintext through src attribute
https://notcve.org/view.php?id=CVE-2018-5162
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. El texto plano de los correos electrónicos descifrados puede filtrarse a través del atributo src de imágenes remotas o enlaces. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR y las versiones anteriores a la 52.8 de Thunderbird. • http://www.securityfocus.com/bid/104240 http://www.securitytracker.com/id/1040946 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1457721 https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3660-1 https://www.debian.org/security/2018/dsa-4209 https://www.mozilla.org/security/advisories/mfsa2018-13&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 2CVE-2018-1120 – Procps-ng - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-1120
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks). Se ha encontrado un error que afecta al kernel de Linux en versiones anteriores a la 4.17. Al realizar un mmap() sobre un archivo copiado con FUSE en la memoria de un proceso que contiene argumentos de línea de comandos (o cadenas de entorno), un atacante puede hacer que las utilidades de psutils o procps (como ps o w) o cualquier otro programa que realiza una llamada read() a los archivos /proc//cmdline (o /proc//environ) se bloqueen indefinidamente (denegación de servicio) o durante un tiempo determinado (como primitiva de sincronización para otros ataques). By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks). • https://www.exploit-db.com/exploits/44806 http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104229 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1120 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7f7ccc2ccc2e70c6054685f5e3522efa81556830 https://lists.debian.org/debian-lt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 1CVE-2018-1126 – procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues
https://notcve.org/view.php?id=CVE-2018-1126
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. procps-ng en versiones anteriores a la 3.3.15 es vulnerable a un tamaño de entero incorrecto en proc/alloc.* que conduce a problemas de truncado/desbordamiento de enteros. Este error está relacionado con CVE-2018-1124. A flaw was found where procps-ng provides wrappers for standard C allocators that took `unsigned int` instead of `size_t` parameters. On platforms where these differ (such as x86_64), this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowed. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104214 http://www.securitytracker.com/id/1041057 https://access.redhat.com/errata/RHSA-2018:1700 https://access.redhat.com/errata/RHSA-2018:1777 https://access.redhat.com/errata/RHSA-2018:1820 https://access.redhat.com/errata/RHSA-2018:2267 https://access • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2CVE-2018-1124 – Procps-ng - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-1124
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. procps-ng en versiones anteriores a la 3.3.15 es vulnerable a múltiples desbordamientos de enteros que conducen a una corrupción de la memoria dinámica (heap) en la función file2strvec. Esto permite el escalado de privilegios para un atacante local que puede crear entradas en procfs empezando procesos, lo que podría resultar en cierres inesperados o la ejecución de código arbitrario en las utilidades proc ejecutadas por otros usuarios. Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). • https://www.exploit-db.com/exploits/44806 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104214 http://www.securitytracker.com/id/1041057 https://access.redhat.com/errata/RHSA-2018:1700 https://access.redhat.com/errata/RHSA-2018:1777 https://access.redhat.com/errata/RHSA-2018:1820 https://access.redha • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •