CVSS: 6.8EPSS: 19%CPEs: 15EXPL: 0CVE-2011-4517 – jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
https://notcve.org/view.php?id=CVE-2011-4517
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file. La función jpc_crg_getparms de libjasper/jpc/jpc_cs.c de JasPer 1.900.1 utiliza un tipo de datos incorrecto durante un cálculo determinado de tamaño, lo que permite a atacantes remotos provocar un desbordamiento de buffer de memoria dinámica y ejecutar código arbitrario, o provocar una denegación de servicio (corrupción de memoria dinámica), a través de un archivo JPEG2000 mal formado. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code. • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html http://osvdb.org/77596 http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/47193 http://secunia.com/advisories/47306 http://secunia.com/advisories/47353 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 10%CPEs: 14EXPL: 0CVE-2011-4516 – jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
https://notcve.org/view.php?id=CVE-2011-4516
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file. Desbordamiento de buffer de memoria dinámica en la función jpc_cox_getcompparms de libjasper/jpc/jpc_cs.c de JasPer 1.900.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un valor numrlvls de un archivo JPEG2000. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code. • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html http://osvdb.org/77595 http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/47193 http://secunia.com/advisories/47306 http://secunia.com/advisories/47353 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3439 – freetype: Multiple security flaws when loading CID-keyed Type 1 fonts
https://notcve.org/view.php?id=CVE-2011-3439
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. FreeType en CoreGraphics en Apple iOS anterior a v5.0.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una fuente manipulada en un documento. • http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00012.html http://secunia.com/advisories/46921 http://secunia.com/advisories/48951 http://support.apple.com/kb/HT5052 https://access.redhat.com/security/cve/CVE-2011-3439 https://bugzilla.redhat.com/show_ • CWE-787: Out-of-bounds Write •
CVSS: 3.6EPSS: 0%CPEs: 87EXPL: 0CVE-2011-3171
https://notcve.org/view.php?id=CVE-2011-3171
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. Una vulnerabilidad de salto de directorio en Pure-ftpd v1.0.22 y posiblemente en otras versiones, cuando se ejecutan en SUSE Linux Enterprise Server y posiblemente otros sistemas operativos y cuando la función de servidor remoto Netware OES está activada, permite a usuarios locales sobreescribir ficheros arbitrarios a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.html http://www.securityfocus.com/bid/49541 https://exchange.xforce.ibmcloud.com/vulnerabilities/69686 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2011-2660
https://notcve.org/view.php?id=CVE-2011-2660
The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name. El script modify_resolvconf_suse del paquete vpnc antes su versión v0.5.1-55.10.1 en SUSE Linux Enterprise Desktop v11 SP1 podría permitir a atacantes remotos ejecutar código arbitrario a través de un nombre de dominio DNS puesto a mano. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00029.html http://www.securityfocus.com/bid/49391 https://bugzilla.novell.com/651577 https://bugzilla.novell.com/708656 https://exchange.xforce.ibmcloud.com/vulnerabilities/69514 • CWE-20: Improper Input Validation •