CVE-2019-7443
https://notcve.org/view.php?id=CVE-2019-7443
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. KDE KAuth, versiones anteriores 5.55, permite el paso de parámetros con tipos arbitrarios a ayudantes que se ejecutan como root sobre DBus a través de DBusHelperProxy.cpp. Ciertos tipos pueden causar caídas y desencadenar la decodificación de imágenes arbitrarias con plugins cargados dinámicamente. • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html https://bugzilla.suse.com/show_bug.cgi?id=1124863 https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y • CWE-20: Improper Input Validation •
CVE-2019-11036 – Heap over-read in PHP EXIF extension
https://notcve.org/view.php?id=CVE-2019-11036
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. Al procesar ciertos archivos, la extensión PHP EXIF en las versiones 7.1.x anteriores a 7.1.29, 7.2.x anteriores a 7.2.18 y 7.3.x anteriores a 7.3.5, puede hacer que se lea el búfer asignado en la función exif_process_IFD_TAG. Esto puede conducir a la revelación de información o a un cierre inesperado. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html http://www.securityfocus.com/bid/108177 https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=77950 https://lists. • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2019-11627
https://notcve.org/view.php?id=CVE-2019-11627
gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. gpg-key2ps en signing-party versión 1.1.x y 2.x anteriores a la 2.10-1 contiene una llamada de shell insegura que permite la inyección de shell a través de un ID de usuario. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00029.html https://bugs.debian.org/928256 https://lists.debian.org/debian-lts-announce/2019/05/msg00001.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-11506
https://notcve.org/view.php?id=CVE-2019-11506
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. En GraphicsMagick, desde la versión 1.3.30 hasta la 1.4 snapshot-20190403 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteMATLABImage de codificadores/mat.c, que permite a un atacante causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un archivo de imagen creado. Esto está relacionado con ExportRedQuantumType en magick/export.c. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/57ac0ae85e2a http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html https://lists.debian.org/debian-lts-announce/2019/05/msg00027.html https • CWE-787: Out-of-bounds Write •
CVE-2019-11505
https://notcve.org/view.php?id=CVE-2019-11505
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. En GraphicsMagick, desde la versión 1.3.8 hasta la 1.4 snapshot-20190403 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WritePDBImage de codificadores/pdb.c, que permite a un atacante causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un archivo de imagen creado. Esto está relacionado con MagickBitStreamMSBWrite en magick/bit_stream.c. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/85f5bdcd246a http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html http://www.securityfocus.com/bid/108063 https://lists.debian.org/de • CWE-787: Out-of-bounds Write •