Page 64 of 521 results (0.024 seconds)

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1

CVE-2016-5314

https://notcve.org/view.php?id=CVE-2016-5314

Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. Desbordamiento de búfer en la función PixarLogDecode en tif_pixarlog.c en LibTIFF, en versiones 4.0.6 y anteriores, permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) u otro tipo de impacto sin especificar mediante una imagen TIFF manipulada. Esto se demuestra sobrescribiendo el puntero de función vgetparent con rgb2ycbcr. • http://bugzilla.maptools.org/show_bug.cgi?id=2554 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html http://www.openwall.com/lists/oss-security/2016/06/15/1 http://www.openwall.com/lists/oss-security/2016/06/15/9 http://www.openwall.com/lists/oss-security/2 • CWE-787: Out-of-bounds Write •

CVSS: 9.9EPSS: 0%CPEs: 32EXPL: 0

CVE-2017-2620 – Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

https://notcve.org/view.php?id=CVE-2017-2620

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. Quick emulator (QEMU) en versiones anteriores a la 2.8 construido con el soporte del emulador Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de acceso fuera de límites. El problema puede ocurrir al copiar datos VGA en cirrus_bitblt_cputovideo. • http://rhn.redhat.com/errata/RHSA-2017-0328.html http://rhn.redhat.com/errata/RHSA-2017-0329.html http://rhn.redhat.com/errata/RHSA-2017-0330.html http://rhn.redhat.com/errata/RHSA-2017-0331.html http://rhn.redhat.com/errata/RHSA-2017-0332.html http://rhn.redhat.com/errata/RHSA-2017-0333.html http://rhn.redhat.com/errata/RHSA-2017-0334.html http://rhn.redhat.com/errata/RHSA-2017-0350.html http://rhn.redhat.com/errata/RHSA-2017-0351.html http://rhn • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 0

CVE-2017-2615 – Qemu: display: cirrus: oob access while doing bitblt copy backward mode

https://notcve.org/view.php?id=CVE-2017-2615

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. Quick emulator (QEMU) con soporte integrado para el emulador Cirrus CLGD 54xx VGA es vulnerable a un problema de acceso fuera de límites. Podría ocurrir mientras se copian datos VGA mediante la copia bitblt en modo backward. • http://rhn.redhat.com/errata/RHSA-2017-0309.html http://rhn.redhat.com/errata/RHSA-2017-0328.html http://rhn.redhat.com/errata/RHSA-2017-0329.html http://rhn.redhat.com/errata/RHSA-2017-0330.html http://rhn.redhat.com/errata/RHSA-2017-0331.html http://rhn.redhat.com/errata/RHSA-2017-0332.html http://rhn.redhat.com/errata/RHSA-2017-0333.html http://rhn.redhat.com/errata/RHSA-2017-0334.html http://rhn.redhat.com/errata/RHSA-2017-0344.html http://rhn • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-2568

https://notcve.org/view.php?id=CVE-2016-2568

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. pkexec, cuando se utiliza con --user nonpriv, permite a usuarios locales escapar a la sesión principal a través de una llamada ioctl TIOCSTI manipulada, que empuja caracteres al búfer de entrada de la terminal. • http://www.openwall.com/lists/oss-security/2016/02/26/3 https://access.redhat.com/security/cve/cve-2016-2568 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062 https://bugzilla.redhat.com/show_bug.cgi?id=1300746 https://ubuntu.com/security/CVE-2016-2568 • CWE-116: Improper Encoding or Escaping of Output •

CVSS: 7.5EPSS: 52%CPEs: 87EXPL: 1

CVE-2016-8610 – SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS

https://notcve.org/view.php?id=CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. Se ha encontrado un fallo de denegación de servicio en OpenSSL en las versiones 0.9.8, 1.0.1, 1.0.2 hasta la 1.0.2h y la 1.1.0 en la forma en la que el protocolo TLS/SSL definió el procesamiento de paquetes ALERT durante una negociación de conexión. Un atacante remoto podría emplear este fallo para hacer que un servidor TLS/SSL consuma una cantidad excesiva de recursos de CPU y fracase a la hora de aceptar conexiones de otros clientes. A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. • https://github.com/cujanovic/CVE-2016-8610-PoC http://rhn.redhat.com/errata/RHSA-2017-0286.html http://rhn.redhat.com/errata/RHSA-2017-0574.html http://rhn.redhat.com/errata/RHSA-2017-1415.html http://rhn.redhat.com/errata/RHSA-2017-1659.html http://seclists.org/oss-sec/2016/q4/224 http://www.securityfocus.com/bid/93841 http://www.securitytracker.com/id/1037084 https://access.redhat.com/errata/RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1414 • CWE-400: Uncontrolled Resource Consumption •