CVSS: 7.8EPSS: 4%CPEs: 8EXPL: 1CVE-2014-8485 – binutils: lack of range checking leading to controlled write in _bfd_elf_setup_sections()
https://notcve.org/view.php?id=CVE-2014-8485
09 Dec 2014 — The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file. La función setup_group en bfd/elf.c en libbfd en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de cabeceras de grupo de sección manipuladas en un fichero ELF. A buffer overflow f... • http://lcamtuf.blogspot.co.uk/2014/10/psa-dont-run-strings-on-untrusted-files.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-822: Untrusted Pointer Dereference •
CVSS: 8.8EPSS: 4%CPEs: 8EXPL: 1CVE-2014-8502 – binutils: heap overflow in objdump when parsing a crafted ELF/PE binary file (incomplete fix for CVE-2014-8485)
https://notcve.org/view.php?id=CVE-2014-8502
09 Dec 2014 — Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file. Desbordamiento de buffer basado en memoria dinámica en la función pe_print_edata en bfd/peXXigen.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener orto impacto no especificado a t... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 5%CPEs: 8EXPL: 1CVE-2014-8503 – binutils: stack overflow in objdump when parsing specially crafted ihex file
https://notcve.org/view.php?id=CVE-2014-8503
09 Dec 2014 — Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. Desbordamiento de buffer basado en pila en la función ihex_scan en bfd/ihex.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener otro impacto no especificado a través de un fichero ihex manipulado. A stack-ba... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 3%CPEs: 8EXPL: 3CVE-2014-8504 – binutils: stack overflow in the SREC parser
https://notcve.org/view.php?id=CVE-2014-8504
09 Dec 2014 — Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file. Desbordamiento de buffer basado en pila en la función srec_scan en bfd/srec.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener orto impacto no especificado a través de un fichero manipulado. A stack-based buffer... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 2CVE-2014-8737 – binutils: directory traversal vulnerability
https://notcve.org/view.php?id=CVE-2014-8737
09 Dec 2014 — Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. Múltiples vulnerabilidades de salto de directorio en GNU binutils 2.24 y anteriores permiten a usuarios locales eliminar ficheros arbitrarios a través de un .. (punto punto) o nombre completo de ruta en un archivo en (1) st... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145256.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 4%CPEs: 8EXPL: 1CVE-2014-8501 – binutils: out-of-bounds write when parsing specially crafted PE executable
https://notcve.org/view.php?id=CVE-2014-8501
09 Dec 2014 — The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable. La función _bfd_XXi_swap_aouthdr_in en bfd/peXXigen.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango) y posiblemente tener otro impacto no especificado... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-7817 – glibc: command execution in wordexp() with WRDE_NOCMD specified
https://notcve.org/view.php?id=CVE-2014-7817
24 Nov 2014 — The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))". La función wordexp en GNU C Library (también conocido como glibc) 2.21 no fuerza el indicador WRDE_NOCMD, lo que permite a atacantes dependientes de contexto ejecutar comandos arbitrarios, tal y como fue demostrado por entradas que contienen '$((`...`))'. It was found that the wordexp() function ... • http://linux.oracle.com/errata/ELSA-2015-0016.html • CWE-20: Improper Input Validation CWE-440: Expected Behavior Violation •
CVSS: 9.8EPSS: 33%CPEs: 15EXPL: 5CVE-2014-8768 – tcpdump 4.6.2 - Geonet Decoder Denial of Service
https://notcve.org/view.php?id=CVE-2014-8768
19 Nov 2014 — Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. Múltiples subdesbordamientos de enteros en la función geonet_print en tcpdump 4.5.0 hasta 4.6.2, cuando se utiliza el modo verbose, permite a atacantes remotos causar una denegación de servicio (fallo de segmentación y caída) a través de un valor de longitud manipulado en... • https://packetstorm.news/files/id/129156 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-5388 – Gentoo Linux Security Advisory 201412-01
https://notcve.org/view.php?id=CVE-2014-5388
13 Nov 2014 — Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. Error de superación de límite (off-by-one) en la función pci_read en ACPI PCI interfaz hotplug (hw/acpi/pcihp.c) en QEMU permite a usuarios locales invitados obtener información sensible y tener otro impacto no especificado relacionado con un dispositivo... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa365d7cd11185237471823a5a33d36765454e16 • CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 0%CPEs: 57EXPL: 0CVE-2014-3707 – curl: incorrect handle duplication after COPYPOSTFIELDS
https://notcve.org/view.php?id=CVE-2014-3707
10 Nov 2014 — The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information. La función curl_easy_duphandle en libcurl 7.17.1 hasta 7.38.0, cuando se ejecuta con la opción CURLOPT_COPYPOSTFIELDS, no copia debidamente datos HTTP POST para un manejo sencillo, lo que provoca una lectura fuera de rango que p... • http://curl.haxx.se/docs/adv_20141105.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-416: Use After Free •