Page 84 of 578 results (0.176 seconds)

CVSS: 9.3EPSS: 3%CPEs: 1EXPL: 1

CVE-2015-3693 – Rowhammer - NaCl Sandbox Escape

https://notcve.org/view.php?id=CVE-2015-3693

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations. Apple Mac EFI anterior a 2015-001, utilizado en OS X anterior a 10.10.4 y otros productos, no configura correctamente los indices actualizados para DDR3 RAM, lo que podría facilitar a atacantes remotos realizar ataques 'row-hammer', y como consecuencia gnar privilegios o causar una denegación de servicio (corrupción de memoria), mediante la provocación de ciertas pautas de acceso a localizaciones de memoria. • https://www.exploit-db.com/exploits/36311 http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html http://support.apple.com/kb/HT204934 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75495 http://www.securitytracker.com/id/1032444 http://www.securitytracker.com/id/1032755 • CWE-254: 7PK - Security Features •

CVSS: 6.9EPSS: 1%CPEs: 2EXPL: 0

CVE-2015-1739 – Microsoft Internet Explorer Add-On Installer EPM Sandbox Escape Vulnerability

https://notcve.org/view.php?id=CVE-2015-1739

This vulnerability allows attackers to escape the Extended Protection Mode sandbox of vulnerable installations of Microsoft Internet Explorer. • http://www.securityfocus.com/bid/74995 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-249 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.9EPSS: 1%CPEs: 5EXPL: 0

CVE-2015-1748 – Microsoft Internet Explorer Protocol Handler Sandbox Escape Vulnerability

https://notcve.org/view.php?id=CVE-2015-1748

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1743. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of res:// and Windows Help Engine. By running specially crafted JavaScript, a 32-bit medium integrity process can be spawned. • http://www.securityfocus.com/bid/74997 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-251 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.9EPSS: 2%CPEs: 5EXPL: 0

CVE-2015-1743 – Microsoft Internet Explorer add-on Installer Sandbox Escape Vulnerability

https://notcve.org/view.php?id=CVE-2015-1743

An attacker can bypass checks within the add-on installer with special paths and junction points to achieve medium-integrity code execution under the context of the user. • http://www.securityfocus.com/bid/74996 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-377 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 1

CVE-2015-4335 – redis: Lua sandbox escape and arbitrary code execution

https://notcve.org/view.php?id=CVE-2015-4335

A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system. • http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162146.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-1676.html http://www.debian.org/security/2015/dsa-3279 http://www.openwall.com/lists/oss-security/2015/06/04/12 http://www.openwall • CWE-17: DEPRECATED: Code •