Page 81 of 547 results (0.021 seconds)

CVSS: 10.0EPSS: 97%CPEs: 96EXPL: 2

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. La implentación del servidor Netlogon en smbd en Samba 3.5.x y 3.6.x anterior a 3.6.25, 4.0.x anterior a 4.0.25, 4.1.x anterior a 4.1.17, y 4.2.x anterior a 4.2.0rc5 realiza una operación libre sobre un puntero de pila no inicializado, lo que permite a atacantes remotos ejecutar código arbitrario a través de paquetes Netlogon manipulados que utilizan la API RPC ServerPasswordSet, tal y como fue demostrado mediante paquetes alcanzando la función _netr_ServerPasswordSet en rpc_server/netlogon/srv_netlog_nt.c. An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). • https://www.exploit-db.com/exploits/36741 http://advisories.mageia.org/MGASA-2015-0084.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html http://lists.opensuse.org/opensuse- • CWE-17: DEPRECATED: Code CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 7%CPEs: 6EXPL: 0

Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image. Múltiples desbordamientos de buffer basado en pila en jpc_qmfb.c en JasPer 1.900.1 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una imagen JPEG 2000 manipulada. An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. • http://advisories.mageia.org/MGASA-2015-0038.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-0074.html http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/62583 http://secunia.com/advisories/62615 http://secunia.com/advisories/62619 http://secunia.com/advisories/62765 http://www.debian.org/security/2015/dsa-3138 http://www.mandriva.com/security/advisories?name=MDVSA-2015:034 http:/&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 9%CPEs: 6EXPL: 0

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow. Error de superación de límite (off-by-one) en la función jpc_dec_process_sot en JasPer 1.900.1 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una imagen JPEG 2000 manipulada, lo que provoca un desbordamiento de buffer basado en memoria dinámica. An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. • http://advisories.mageia.org/MGASA-2015-0038.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-0074.html http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/62583 http://secunia.com/advisories/62615 http://secunia.com/advisories/62619 http://secunia.com/advisories/62765 http://www.debian.org/security/2015/dsa-3138 http://www.mandriva.com/security/advisories?name=MDVSA-2015:034 http:/&# • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 2%CPEs: 20EXPL: 0

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con RMI. An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://rhn.redhat.com/errata/RHSA-2015-0068.html http://rhn.redhat.com/errata/RHSA& •

CVSS: 5.4EPSS: 0%CPEs: 29EXPL: 0

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a usuarios locales afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Hotspot. Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announc • CWE-377: Insecure Temporary File •