CVE-2011-3919 – libxml2: Heap-based buffer overflow when decoding an entity reference with a long name
https://notcve.org/view.php?id=CVE-2011-3919
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de pila basado en memoria dinámica (monticulo) en libxml2, tal y como se utiliza en Google Chrome antes de v16.0.912.75, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=107128 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/47449 http://secunia.com/advisories/55568 http://support • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2011-3905 – libxml2 out of bounds read
https://notcve.org/view.php?id=CVE-2011-3905
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. libxml2, cuando es usado en Google Chrome anterior a v16.0.912.63, permite a atacantes remotos causar una denegación de servicio (lectura fuera de límite) a través de vectores de ataque no determinados. • http://code.google.com/p/chromium/issues/detail?id=95465 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://www.debian.org/security/2012/dsa-2394 http://www.mandriva.com/security/advisories?name=MDVSA-2011:188 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761 https://access.redhat.com/security/cve/CVE-2011-3905 https://bugzilla.redhat.com/show_bug.cgi?id=767387 • CWE-125: Out-of-bounds Read •
CVE-2011-3193 – qt/harfbuzz buffer overflow
https://notcve.org/view.php?id=CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Desbordamiento de buffer de memoria dinámica en la función Lookup_MarkMarkPos del módulo HarfBuzz (harfbuzz-gpos.c), tal como se usa en Qt anteriores a 4.7.4 y Pango. Permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un archivo de fuentes modificado. • http://cgit.freedesktop.org/harfbuzz.old/commit/?id=81c8ef785b079980ad5b46be4fe7c7bf156dbf65 http://cgit.freedesktop.org/harfbuzz/commit/src/harfbuzz-gpos.c?id=da2c52abcd75d46929b34cad55c4fb2c8892bc08 http://git.gnome.org/browse/pango/commit/pango/opentype/harfbuzz-gpos.c?id=a7a715480db66148b1f487528887508a7991dcd0 http://lists.opensuse.org/opensuse-updates/2011-10/msg00007.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00008.html http://rhn.redhat.com/errata/RHSA-2011-1323.html http://rhn.redhat.com/errata/RH • CWE-787: Out-of-bounds Write •
CVE-2011-2834 – libxml2: double-free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2834
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de doble liberación en libxml2, tal y como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=93472 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/75560 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://support.apple.com/kb/HT5281 http://support. • CWE-415: Double Free •
CVE-2011-2519 – kernel: xen: x86_emulate: fix SAHF emulation
https://notcve.org/view.php?id=CVE-2011-2519
Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction. Xen en el kernel de Linux, al ejecutar como invitado en una máquina sin paginación asistida por hardware (HAP), permite a usuarios invitados causar denegación de servicio (referencia a puntero inválido y caída del hipervisor) a través de la instrucción SAHF. • http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644 https://bugzilla.redhat.com/show_bug.cgi?id=718882 https://access.redhat.com/security/cve/CVE-2011-2519 • CWE-476: NULL Pointer Dereference •