CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 3CVE-2012-0055 – OverlayFS inode Security Checks - 'inode.c' Local Security Bypass
https://notcve.org/view.php?id=CVE-2012-0055
OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. OverlayFS en el kernel de Linux versiones anteriores a 3.0.0-16.28, como es usado en Ubuntu versiones 10.0.4 LTS y 11.10, carece de verificaciones de seguridad de inode que podrían permitir a atacantes omitir las restricciones de seguridad y llevar a cabo acciones no autorizadas. • https://www.exploit-db.com/exploits/36571 http://www.openwall.com/lists/oss-security/2012/01/17/11 http://www.ubuntu.com/usn/USN-1363-1 http://www.ubuntu.com/usn/USN-1364-1 http://www.ubuntu.com/usn/USN-1384-1 https://access.redhat.com/security/cve/cve-2012-0055 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/915941 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-0055 • CWE-862: Missing Authorization •
CVSS: 3.6EPSS: 0%CPEs: 2EXPL: 0CVE-2011-4406
https://notcve.org/view.php?id=CVE-2011-4406
The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors. El paquete Ubuntu AccountsService anterior a 0.6.14-1git1ubuntu1.1 no elimina debidamente privilegios cuando se cambian configuraciones de lenguaje, lo que permite a usuarios locales modificar archivos arbitrarios a través de vectores no especificados. • http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/accountsservice/oneiric-updates/revision/21 http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4406.html http://www.ubuntu.com/usn/USN-1351-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-4407
https://notcve.org/view.php?id=CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository. ppa.py en Software Properties anterior a 0.81.13.3 no valida el certificado de servidor cuando descarga huellas dactilares de claves GPG PPA, lo que permite a atacantes man-in-the-middle (MITM) falsificar claves GPG para un repositorio de paquete. • http://www.ubuntu.com/usn/USN-1352-1 https://bugs.launchpad.net/ubuntu/%2Bsource/software-properties/%2Bbug/915210 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 88%CPEs: 19EXPL: 1CVE-2012-0444 – Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0444
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. Mozilla Firefox v3.6.26 y v4.x hasta el v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 no inicializa correctamente las estructuras de datos nsChildView, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria caida de la aplicación) o posiblemente ejecutar código de su elección a través de un archivo Ogg Vorbis debidamente manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of Ogg Vorbis media files. By crafting a stream with specific values , it is possible to cause a decoding loop that copies memory to write controlled data beyond the end of a fixed size buffer. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://secunia.com/advisories/48043 http://secunia.com/advisories/48095 http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1CVE-2011-4613 – X.Org xorg 1.4 < 1.11.2 - File Permission Change
https://notcve.org/view.php?id=CVE-2011-4613
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY. El wrapper de las X de X.org (xserver-wrapper.c) en Debian GNU/Linux and Ubuntu Linux no verifica debidamente la TTY de un usuario que está arrancando las X, lo cual permite a usuarios locales evadir restricciones de acceso mediante las asociación de stdin con un archivo que es malinterpretado como la consola TTY. • https://www.exploit-db.com/exploits/18040 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652249 http://www.debian.org/security/2011/dsa-2364 http://www.ubuntu.com/usn/USN-1349-1 • CWE-264: Permissions, Privileges, and Access Controls •