Page 8 of 62 results (0.013 seconds)

CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0

CVE-2010-4168

https://notcve.org/view.php?id=CVE-2010-4168

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp. Múltiples vulnerabilidades de liberación después del uso en OpenTTD v1.0.x anterior a v1.0.5 permite (1) que atacantes remotos provoquen una denegación de servicio (escritura no válida y caída de demonio) desconectando repentinamente durante la transmisión del plano del servidor, relacionado con network/network_server.cpp; (2) permite a atacantes remotos provocar una denegación de servicio (lectura no válida y caída de demonio) desconectando repentinamente durante la transmisión del plano del servidor, relacionado con network/network_server.cpp; (3) servidores remotos pueden provocar una denegación de servicio (lectura no válida y caída de aplicación) forzando una desconexión durante el proceso de unión, relacionado con network/network.cpp. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052187.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052193.html http://marc.info/?l=oss-security&m=128975491407670&w=2 http://marc.info/?l=oss-security&m=128984298802678&w=2 http://secunia.com/advisories/42578 http://security.openttd.org/en/CVE-2010-4168 http://security.openttd.org/en/patch/28.patch http://vcs.openttd.org/svn/changeset/21182 http://www.securityfocus.com/bid/ • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1

CVE-2010-4206 – WebKit: Array index error during processing of an SVG document

https://notcve.org/view.php?id=CVE-2010-4206

Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters. Google Chrome antes de la versión v7.0.517.44 accede a una posición fuera de índice de un array en memoria durante el procesamiento de un documento SVG, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener algún otro impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60688 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70652 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45721 http • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2010-4197 – WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption

https://notcve.org/view.php?id=CVE-2010-4197

Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. Vulnerabilidad de uso después de liberación en Google Chrome antes de su versión v7.0.517.44 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la edición de texto. • http://code.google.com/p/chromium/issues/detail?id=51602 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70594 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45720 http • CWE-416: Use After Free •

CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0

CVE-2010-4198 – WebKit: Memory corruption due to improper handling of large text area

https://notcve.org/view.php?id=CVE-2010-4198

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document. Google Chrome antes de su versión v7.0.517.44 no maneja correctamente areas de texto demasiado grandes, lo que permite a atacantes remotos causar una denegación de servicio (por corrupción de memoria) o incluso posiblemente tener algún otro impacto no especificado a travñes de un documento HTML debidamente modificado. • http://code.google.com/p/chromium/issues/detail?id=55257 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45719 http://www.vupen.com/english/advisories/2011& • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2010-4204 – WebKit: Use-after-free vulnerability related frame object

https://notcve.org/view.php?id=CVE-2010-4204

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes de su v7.0.517.44 accede a un objeto 'frame' después de que este objeto ha sido destruido, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60238 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70517 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45718 http • CWE-416: Use After Free •