Page 72 of 510 results (0.011 seconds)

CVSS: 9.8EPSS: 30%CPEs: 12EXPL: 0

CVE-2017-5204 – tcpdump: multiple overflow issues in protocol decoding

https://notcve.org/view.php?id=CVE-2017-5204

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). El analizador IPv6 en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-ip6.c:ip6_print(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which could cause it to display incorrect data, crash or enter an infinite loop. • http://www.debian.org/security/2017/dsa-3775 http://www.securityfocus.com/bid/95852 http://www.securitytracker.com/id/1037755 https://access.redhat.com/errata/RHSA-2017:1871 https://security.gentoo.org/glsa/201702-30 https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html https://access.redhat.com/security/cve/CVE-2017-5204 https://bugzilla.redhat.com/show_bug.cgi?id=1419066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 1%CPEs: 14EXPL: 0

CVE-2016-5824 – libical: Multiple use-after-free vulnerabilities

https://notcve.org/view.php?id=CVE-2016-5824

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. libical 1.0 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) a través de un archivo ics manipulado. • http://www.openwall.com/lists/oss-security/2016/06/25/4 http://www.openwall.com/lists/oss-security/2017/01/20/16 http://www.securityfocus.com/bid/91459 https://access.redhat.com/errata/RHSA-2019:0269 https://access.redhat.com/errata/RHSA-2019:0270 https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 https://github.com/libical/libical/issues/235 https://github.com/libical/libical/issues/251 https://github.com/libical/libical/issues/286 https://security.gentoo • CWE-416: Use After Free •

CVSS: 8.8EPSS: 2%CPEs: 14EXPL: 0

CVE-2017-5208 – icoutils: Check_offset overflow on 64-bit systems

https://notcve.org/view.php?id=CVE-2017-5208

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code. Un desbordamiento de números enteros en el programa wrestool en icoutils en versiones anteriores a la 0.31.1 permite que atacantes remotos provoquen una denegación de servicio (corrupción de memoria) mediante un ejecutable manipulado. Esto desencadena una denegación de servicio (bloqueo de aplicación) o la posibilidad de ejecución de código arbitrario. A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution. • http://rhn.redhat.com/errata/RHSA-2017-0837.html http://www.debian.org/security/2017/dsa-3756 http://www.openwall.com/lists/oss-security/2017/01/08/5 http://www.securityfocus.com/bid/95315 https://bugzilla.redhat.com/show_bug.cgi?id=1411251 https://security.gentoo.org/glsa/201801-12 https://access.redhat.com/security/cve/CVE-2017-5208 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0

CVE-2016-6796 – tomcat: security manager bypass via JSP Servlet config parameters

https://notcve.org/view.php?id=CVE-2016-6796

A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. Una aplicación web maliciosa en Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 era capaz de eludir un SecurityManager configurado mediante la manipulación de los parámetros de configuración para el Servlet JSP. It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. • http://rhn.redhat.com/errata/RHSA-2017-0457.html http://rhn.redhat.com/errata/RHSA-2017-1551.html http://www.debian.org/security/2016/dsa-3720 http://www.securityfocus.com/bid/93944 http://www.securitytracker.com/id/1037141 http://www.securitytracker.com/id/1038757 https://access.redhat.com/errata/RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0456 https://access.redhat.com/errata/RHSA-2017:1548 https://access.redhat.com/errata/RHSA-2017:1549 https:/& •

CVSS: 5.3EPSS: 0%CPEs: 31EXPL: 0

CVE-2016-6794 – tomcat: system property disclosure

https://notcve.org/view.php?id=CVE-2016-6794

When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. Cuando se configura un SecurityManager, la capacidad de una aplicación web de leer las propiedades del sistema debería estar controlada por SecurityManager. En Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, 6.0.0 a 6.0.45 la funcionalidad de reemplazo de propiedades del sistema para archivos de configuración podría ser utilizada por una aplicación web maliciosa para eludir el SecurityManager y leer propiedades del sistema que no deberían ser visibles. It was discovered that when a SecurityManager was configured, Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. • http://rhn.redhat.com/errata/RHSA-2017-0457.html http://www.debian.org/security/2016/dsa-3720 http://www.securityfocus.com/bid/93943 http://www.securitytracker.com/id/1037143 https://access.redhat.com/errata/RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0456 https://access.redhat.com/errata/RHSA-2017:2247 https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E https://lists.apache.org/thread.html/343558d982879bf88e •