CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2019-10185 – icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10185
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. Se descubrió que icedtea-web hasta 1.7.2 y 1.8.2 inclusive, era vulnerable para un ataque zip slip durante la extracción automática de un archivo JAR. Un atacante podría usar este defecto para escribir archivos a localizaciones arbitrarias. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185 https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327 https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344 https://lists.debian.org/debian-lts-announce/2019/09/msg00008.html https://seclists.org/bugtraq/2019/Oct/5 https://security.gentoo.org/glsa/2021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2019-5060
https://notcve.org/view.php?id=CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la función de renderización de imágenes XPM de SDL2_image 2.0.4. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0844 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5059
https://notcve.org/view.php?id=CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes XPM de SDL2_image 2.0.4. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0843 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5058
https://notcve.org/view.php?id=CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes XCF de SDL2_image versión 2.0.4. Una imagen XCF especialmente diseñada puede causar un desbordamiento de la pila, resultando en la ejecución de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0842 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5057
https://notcve.org/view.php?id=CVE-2019-5057
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderización de imágenes PCX de SDL2_image versión 2.0.4. Una imagen PCX especialmente diseñada puede causar un desbordamiento de la pila, resultando en la ejecución de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0841 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •