Page 7 of 49 results (0.025 seconds)

CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0

CVE-2010-2297

https://notcve.org/view.php?id=CVE-2010-2297

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. rendering/FixedTableLayout.cpp en WebCore en WebKit en Google Chrome anterior a v5.0.375.70, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de un documento HTML que contiene un atributo "colspan" largo dentro de una tabla. • http://code.google.com/p/chromium/issues/detail?id=42723 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40072 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11434 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 3%CPEs: 7EXPL: 0

CVE-2010-2302

https://notcve.org/view.php?id=CVE-2010-2302

Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. Vulnerabilidad de uso después de la liberación (Use-after-free) en WebCore de WebKit de Google Chrome anterior a v5.0.375.70 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente la ejecución de código de su elección a través de vectores que involucran a fuentes remotas en conjunción con los árboles DOM referenciados. También conocido como problema rdar 8007953. NOTA: esto podría coincidir con el CVE-2010-1771. • http://code.google.com/p/chromium/issues/detail?id=44740 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40072 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0212 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11948 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 96%CPEs: 73EXPL: 0

CVE-2010-1770 – Apple Webkit CSS Charset Text Transformation Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-1770

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, Safari de Apple anterior a versión 4.1 sobre Mac OS X versión 10.4 y Chrome de Google anterior a versión 5.0.375.70, no maneja apropiadamente una transformación de un nodo de texto que tiene el conjunto de caracteres IBM1147, que permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de aplicación) por medio de un documento HTML especialmente diseñado que contiene un elemento BR, relacionado con un "type checking issue." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's support of character sets. If the IBM1147 character set is applied to a particular element and that element has a text transformation applied to it, the application will attempt to access an object that doesn't exist in order to perform the transformation. • http://code.google.com/p/chromium/issues/detail?id=43487 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 32EXPL: 7

CVE-2009-3547 – Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2009-3547

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. Múltiples condiciones de carrera en fs/pipe.c en el kernel de Linux anteriores a v2.6.32-rc6 permite a usuarios locales producir una denegación de servicio )desreferencia a puntero NULL y caída del sistema) o conseguir privilegios mediante la apertura de un canal anónimo en la ruta /proc/*/fd/. • https://www.exploit-db.com/exploits/9844 https://www.exploit-db.com/exploits/33321 https://www.exploit-db.com/exploits/10018 https://www.exploit-db.com/exploits/33322 https://www.exploit-db.com/exploits/40812 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference CWE-672: Operation on a Resource after Expiration or Release •

CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 5

CVE-2009-3621 – Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service

https://notcve.org/view.php?id=CVE-2009-3621

net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. net/unix/af_unix.c en el kernel de Linux v2.6.31.4 y anteriores permite a usuarios locales causar una denegación de servicio (el servidor se bloquea) creando un socket abstract-namespace AF_UNIX y realizando una operación de apagado en ese socket, para luego luego realizar una serie de operaciones de conexión en dicho socket. • https://www.exploit-db.com/exploits/10022 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce • CWE-400: Uncontrolled Resource Consumption •