CVE-2016-1704 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1704
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 51.0.2704.103 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update_16.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://www.debian.org/security/2016/dsa-3637 http://www.ubuntu.com/usn/USN-3015-1 https://access.redhat.com/errata/ •
CVE-2016-3062
https://notcve.org/view.php?id=CVE-2016-3062
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. La función mov_read_dref en libavformat/mov.c en Libav en versiones anteriores a 11.7 y FFmpeg en versiones anteriores a 0.11 permite a atacantes remotos provocar una denegación de srevicio (corrupción de memoria) o ejecutar código arbitrario a través de valores de entrada en una caja dref en un archivo MP4. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html http://www.debian.org/security/2016/dsa-3603 https://bugzilla.libav.org/show_bug.cgi?id=929 https://ffmpeg.org/security.html https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328 https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746 https://libav.org/releases/libav-11.7.changelog https://security.gentoo.org/glsa/201705-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-9773
https://notcve.org/view.php?id=CVE-2014-9773
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks. modules/chanserv/flags.c en Atheme en versiones anteriores a 7.2.7 permite a atacantes remotos modificar el comportamiento de Anope FLAGS registrando y soltando (1) LIST, (2) CLEAR o (3) MODIFY nicks de palabras clave. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00061.html http://www.openwall.com/lists/oss-security/2016/05/02/2 http://www.openwall.com/lists/oss-security/2016/05/03/1 https://github.com/atheme/atheme/commit/c597156adc60a45b5f827793cd420945f47bc03b https://github.com/atheme/atheme/issues/397 • CWE-284: Improper Access Control •
CVE-2016-4414
https://notcve.org/view.php?id=CVE-2016-4414
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data. La función onReadyRead en core/coreauthhandler.cpp en Quassel en versiones anteriores a 0.12.4 permite a atacantes remotos provocar una caída de servicio (referencia a un puntero NULL y caída) a través de una información handshake no válida. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00063.html http://quassel-irc.org/node/129 http://www.openwall.com/lists/oss-security/2016/04/30/2 http://www.openwall.com/lists/oss-security/2016/04/30/4 https://github.com/quassel/quassel/com •
CVE-2016-5104
https://notcve.org/view.php?id=CVE-2016-5104
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket. La función socket_create en common/socket.c en libimobiledevice y libusbmuxd permite a atacantes remotos eludir las restricciones destinadas al acceso y comunicarse con servicios en dispositivos de iOS conectándose a un socket IPv4 TCP. • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html http://www.openwall.com/lists/oss-security/2016/05/26/1 http://www.openwall.com/lists/oss-security/2016/05/26/6 http://www.ubuntu.com/usn/USN-3026-1 http://www.ubuntu.com/usn/USN-3026-2 https://bugzilla.redhat.com/show_bug.cgi?id=1339988 https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e https: • CWE-284: Improper Access Control •