CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 2CVE-2015-5334
https://notcve.org/view.php?id=CVE-2015-5334
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508. Un error por un paso en la función OBJ_obj2txt en LibreSSL versiones anteriores a 2.3.1, permite a atacantes remotos causar una denegación de servicio (bloqueo del programa) o posible ejecutar código arbitrario por medio de un certificado X.509 diseñado, que desencadena un desbordamiento de búfer en la región stack de la memoria. Nota: esta vulnerabilidad se presenta debido a una corrección incorrecta para CVE-2014-3508. • http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html http://seclists.org/fulldisclosure/2015/Oct/75 http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 2%CPEs: 5EXPL: 0CVE-2015-7674
https://notcve.org/view.php?id=CVE-2015-7674
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función pixops_scale_nearest en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.32.1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo de imagen GIF manipulado, lo que desencadena un desbordamiento de buffer basado en memoria dinámica. • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.news http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.debian.org/security/2015/dsa-3378 http://www.openwall.com/lists/oss-security/2015/10/01/4 http://www.openwall.com/lists/oss-security/2015/10/01/7 http://www.openwall.com/lists/oss-security/2015/10/02/10 http://www.openwall.com/lists/o • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-7673
https://notcve.org/view.php?id=CVE-2015-7673
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. io-tga.c in gdk-pixbuf en versiones anteriores a 2.32.0 utiliza la memoria dinámica tras su asignación fallida, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo Truevision TGA (TARGA) manipulado. • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.0.news http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.debian.org/security/2015/dsa-3378 http://www.openwall.com/lists/oss-security/2015/10/01/3 http://www.openwall.com/lists/oss-security/2015/10/02/9 http://www.securityfocus.com/bid/76953 http://www.ubuntu.com/usn/USN-2767-1 https://gi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2015-5235 – icedtea-web: applet origin spoofing
https://notcve.org/view.php?id=CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. IcedTea-Web en versiones anteriores a 1.5.3 y 1.6.x en versiones anteriores a 1.6.1 no determina correctamente el origen de applets no firmados, lo que permite a atacantes remotos eludir el proceso de autorización o engañar al usuario para que acepte la ejecución del applet a través de una página web manipulada. It was discovered that IcedTea-Web did not properly determine an applet's origin when asking the user if the applet should be run. A malicious page could use this flaw to cause IcedTea-Web to execute the applet without user approval, or confuse the user into approving applet execution based on an incorrectly indicated applet origin. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html http://rhn.redhat.com/errata/RHSA-2016-0778.html http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securitytracker.com/id/1033780 http://w • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2015-5234 – icedtea-web: unexpected permanent authorization of unsigned applets
https://notcve.org/view.php?id=CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks. IcedTea-Web en versiones anteriores a 1.5.3 y 1.6.x anterior a 1.6.1 no limpia correctamente URLs de applet, lo que permite a atacantes remotos inyectar applets en el archivo de configuración .appletTrustSettings y eludir la aprobación del usuario para ejecutar la applet a través de una página web manipulada, probablemente relacionada con el salto de línea. It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed without user approval. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html http://rhn.redhat.com/errata/RHSA-2016-0778.html http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.securitytracker.com/id/1033780 http://w • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •