CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0CVE-2014-9640
https://notcve.org/view.php?id=CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file. oggenc/oggenc.c en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un fichero raw manipulado. • http://advisories.mageia.org/MGASA-2015-0051.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:037 http://www.openwall.com/lists/oss-security/2015/01/21/6 http://www.openwall.com/lists/oss-security/2015/01/22/9 https://trac.xiph.org/changeset/19117 https://trac.xiph.org/ticket/2009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 1CVE-2014-9638
https://notcve.org/view.php?id=CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. oggenc en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (error de la división por cero y caída) a través de un fichero WAV con el número de canales configurado en cero. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html http://seclists.org/fulldisclosure/2015/Jan/78 http://www.openwall.com/lists/oss-security/2015/01/21/5 http://www.openwall.com/lists/oss-security/2015/01/22/9 http://www.securityfocus.com/bid/72290 https://trac.xiph.org/ticket/2137 •
CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 1CVE-2014-9639
https://notcve.org/view.php?id=CVE-2014-9639
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. Desbordamiento de enteros en oggenc en vorbis-tools 1.4.0 permite a atacantes remotos causar una denegación de servicio (caída) a través de un número manipulado de canales en un fichero WAV, lo que provoca un acceso a memoria fuera de rango. • http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html http://seclists.org/fulldisclosure/2015/Jan/78 http://www.openwall.com/lists/oss-security/2015/01/21/5 http://www.openwall.com/lists/oss-security/2015/01/22/9 http://www.securityfocus.com/bid/72295 https://trac.xiph.org/ticket/2136 •
CVSS: 6.4EPSS: 1%CPEs: 8EXPL: 0CVE-2014-7941 – chromium-browser: out-of-bounds read in UI
https://notcve.org/view.php?id=CVE-2014-7941
The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data. La función SelectionOwner::ProcessTarget en ui/base/x/selection_owner.cc en la implementación UI en Google Chrome anterior a 40.0.2214.91 utiliza un tipo de datos incorrecto para cierto valor de longitud, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de datos X11 manipulados. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 https://code.google.com/p/chromium/issues/detail?id=428557 https://codereview.chromium.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 1%CPEs: 10EXPL: 0CVE-2014-7943 – chromium-browser: out-of-bounds read in Skia
https://notcve.org/view.php?id=CVE-2014-7943
Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Skia, utilizado en Google Chrome anterior a 40.0.2214.91, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2015/01/stable-update.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0093.html http://secunia.com/advisories/62383 http://secunia.com/advisories/62575 http://secunia.com/advisories/62665 http://security.gentoo.org/glsa/glsa-201502-13.xml http://www.securityfocus.com/bid/72288 http://www.securitytracker.com/id/1031623 http://www.ubuntu.com/usn/USN-2476-1 https:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •