Page 58 of 680 results (0.018 seconds)

CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 1

CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2015-3113

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •

CVSS: 5.0EPSS: 2%CPEs: 16EXPL: 0

CVE-2015-4145

https://notcve.org/view.php?id=CVE-2015-4145

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message. La implementación EAP-pwd server and peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no valida si un fragmento ya está siendo procesado, lo que permite a atacantes remotos causar una denegación de servicio (fuga de memoria) a través de un mensaje manipulado. • http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt http://www.debian.org/security/2015/dsa-3397 http://www.openwall.com/lists/oss-security/2015/05/09/6 http://www.openwall.com/lists/oss-security/2015/05/31/6 http://www.ubuntu.com/usn/USN-2650-1 https://security.gentoo.org/glsa/201606-17 • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 2%CPEs: 24EXPL: 0

CVE-2015-4141

https://notcve.org/view.php?id=CVE-2015-4141

The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow. La función WPS UPnP en hostapd, cuando utiliza WPS AP, y wpa_supplicant, cuando utiliza el registro externo WPS (ER), 0.7.0 hasta 2.4 permite a atacantes remotos causar una denegación de servicio (caída) a través de una longitud de chunk negativa, lo que provoca una lectura fuera de rango o un desbordamiento de buffer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt http://www.debian.org/security/2015/dsa-3397 http://www.openwall.com/lists/oss-security/2015/05/09/4 http://www.openwall.com/lists/oss-security/2015/05/31/6 http://www.ubuntu.com/usn/USN-2650-1 https://security.gentoo.org/glsa/201606-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 16EXPL: 0

CVE-2015-4144

https://notcve.org/view.php?id=CVE-2015-4144

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message. La implementación EAP-pwd server and peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no valida que un mensaje tiene la longitud suficiente para contener el campo Total-Length, lo que permite a atacantes remotos causar una denegación de servicio (caída) a través de un mensaje manipulado. • http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt http://www.debian.org/security/2015/dsa-3397 http://www.openwall.com/lists/oss-security/2015/05/09/6 http://www.openwall.com/lists/oss-security/2015/05/31/6 http://www.ubuntu.com/usn/USN-2650-1 https://security.gentoo.org/glsa/201606-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 16EXPL: 0

CVE-2015-4146

https://notcve.org/view.php?id=CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message. La implementación EAP-pwd peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no limpia los indicadores L (Length) y M (More) antes de determinar si una respuesta debe ser fragmentada, lo que permite a atacantes remotos causar una denegación de servicio (caída) a través de un mensaje manipulado. • http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt http://www.debian.org/security/2015/dsa-3397 http://www.openwall.com/lists/oss-security/2015/05/09/6 http://www.openwall.com/lists/oss-security/2015/05/31/6 http://www.ubuntu.com/usn/USN-2650-1 https://security.gentoo.org/glsa/201606- •