CVE-2016-0695 – OpenJDK: insufficient DSA key parameters checks (Security, 8138593)
https://notcve.org/view.php?id=CVE-2016-0695
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con Security. It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 •
CVE-2016-3427 – Oracle Java SE and JRockit Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 • CWE-284: Improper Access Control •
CVE-2016-2857 – Qemu: net: out of bounds read in net_checksum_calculate()
https://notcve.org/view.php?id=CVE-2016-2857
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. La función net_checksum_calculate en net/checksum.c en QEMU permite a usuarios del SO invitado provocar una denegación de servicio (lectura de memoria dinámica fuera de rango y caída) a través de una longitud de la carga útil en un paquete manipulado. An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b http://rhn.redhat.com/errata/RHSA-2016-2670.html http://rhn.redhat.com/errata/RHSA-2016-2671.html http://rhn.redhat.com/errata/RHSA-2016-2704.html http://rhn.redhat.com/errata/RHSA-2016-2705.html http://rhn.redhat.com/errata/RHSA-2016-2706.html http://rhn.redhat.com/errata/RHSA-2017-0083.html http://rhn.redhat.com/errata/RHSA-2017-0309.html http://rhn.redhat.com/errata/RHSA- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2016-1646 – Google Chromium V8 Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2016-1646
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. La implementación de Array.prototype.concat en builtins.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.108, no considera adecuadamante los tipos de datos del elemento, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de código JavaScript manipulado. Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-0525.html http://www.debian.org/security/2016/dsa-3531 http://www.securitytracker.com/id/1035423 http://www.ubuntu.com/usn/USN-2955-1 https:// • CWE-125: Out-of-bounds Read •
CVE-2010-5325 – foomatic: potential remote arbitrary code execution
https://notcve.org/view.php?id=CVE-2010-5325
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title. Desbordamiento de buffer basado en memoria dinámica en la función unhtmlify en foomatic-rip en foomatic-filters en versiones anteriores a 4.0.6 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída) o posiblemente ejecutar código arbitrario a través de un título de trabajo largo. It was discovered that the unhtmlify() function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. • http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog http://rhn.redhat.com/errata/RHSA-2016-0491.html http://www.openwall.com/lists/oss-security/2016/02/15/1 http://www.openwall.com/lists/oss-security/2016/02/15/7 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html https://bugs.linuxfoundation.org/show_bug.cgi?id=515 https://bugzilla.redhat.com/show_bug.cgi?id=1218297 https://access.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •