CVE-2018-11781 – spamassassin: Local user code injection in the meta rule syntax
https://notcve.org/view.php?id=CVE-2018-11781
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. Apache SpamAssassin 3.4.2 soluciona una inyección de código de usuario local en la sintaxis de reglas meta. A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html https://access.redhat.com/errata/RHSA-2018:2916 https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c%40%3Cannounce.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html https://security.gentoo.org/glsa/201812-07 https://usn.ubuntu.com/3811-1 https://usn.ubuntu.com/3811-3 https://access.redhat.com/security/cve/CVE-2018-11781 https://bugzilla.redhat.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2018-14638 – 389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly
https://notcve.org/view.php?id=CVE-2018-14638
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service. Se ha descubierto un problema en versiones anteriores a la 1.3.8.4-13 de 389-ds-base. El proceso ns-slapd se cierra inesperadamente en la función delete_passwdPolicy cuando las conexiones de búsqueda persistente se terminan inesperadamente, lo que conduce a una denegación de servicio (DoS) remota. A double-free of a password policy structure was found in the way slapd was handling certain errors during persistent search. • https://access.redhat.com/errata/RHSA-2018:2757 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14638 https://pagure.io/389-ds-base/c/78fc627accacfa4061ce48977e22301f81ea8d73 https://access.redhat.com/security/cve/CVE-2018-14638 https://bugzilla.redhat.com/show_bug.cgi?id=1626079 • CWE-400: Uncontrolled Resource Consumption CWE-415: Double Free •
CVE-2018-12379 – Mozilla: Out-of-bounds write with malicious MAR file
https://notcve.org/view.php?id=CVE-2018-12379
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Cuando Mozilla Updater abre un archivo de formato MAR que contiene un nombre de archivo de ítem muy largo, puede desencadenarse una escritura fuera de límites que conduce a un cierre inesperado potencialmente explotable. Esto requiere la ejecución manual de Mozilla Updater en el sistema local con el archivo MAR malicioso para que ocurra. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1473113 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/20181 • CWE-787: Out-of-bounds Write •
CVE-2018-16802 – ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling
https://notcve.org/view.php?id=CVE-2018-16802
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. Se ha descubierto un problema en versiones anteriores a la 9.25 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" al quedarse sin pila durante el manejo de excepciones podría ser empleada por atacantes que sean capaces de proporcionar PostScript manipulado para ejecutar código mediante la instrucción "pipe". • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47 https://access.redhat.com/errata/RHSA-2018:3834 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://seclists.org/oss-sec/2018/q3/228 https://seclists.org/oss-sec/2018/q3/229 https://security • CWE-20: Improper Input Validation •
CVE-2018-12376 – Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
https://notcve.org/view.php?id=CVE-2018-12376
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Hay errores de seguridad de memoria en Firefox 61 y Firefox ESR 60.1. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1469309%2C1469914%2C1450989%2C1480092%2C1480517%2C1481093%2C1478575%2C1471953%2C1473161%2C1466991%2C1468738%2C1483120%2C1467363%2C1472925%2C1466577%2C1467889%2C1480521%2C1478849 https://lists.debia • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •