CVE-2014-2030 – ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)
https://notcve.org/view.php?id=CVE-2014-2030
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. Un desbordamiento del búfer en la región stack de la memoria en la función WritePSDImage en el archivo coders/psd.c en ImageMagick, posiblemente versión 6.8.8-5, permite a atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de una imagen PSD diseñada, que involucra la cadena L%06ld, una vulnerabilidad diferente de CVE-2014-1947. • https://www.exploit-db.com/exploits/31688 http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html http://ubuntu.com/usn/usn-2132-1 http://www.openwall.com/lists/oss-security/2014/02/12/2 http://www.openwall.com/lists/oss-security/2014/02/13/5 http://www.openwall.com/lists/oss-security/2014/02/19/13 https://bugzilla.redhat.com/show_bug.cgi?id=1064098 https://web.archive.org/web/2 • CWE-787: Out-of-bounds Write •
CVE-2013-2191
https://notcve.org/view.php?id=CVE-2013-2191
python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate. python-bugzilla anterior a 0.9.0 no valida los certificados X.509 , lo que permite a atacantes man-in-the-middle falsificar servidores Bugzilla a través de un certificado manipulado. • http://lists.opensuse.org/opensuse-updates/2013-07/msg00025.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00026.html http://www.openwall.com/lists/oss-security/2013/06/19/6 https://bugzilla.redhat.com/show_bug.cgi?id=951594 https://git.fedorahosted.org/cgit/python-bugzilla.git/commit/?id=a782282ee479ba4cc1b8b1d89700ac630ba83eef https://lists.fedorahosted.org/pipermail/python-bugzilla/2013-June/000104.html • CWE-20: Improper Input Validation •
CVE-2012-1095
https://notcve.org/view.php?id=CVE-2012-1095
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. osc anterior a 0.134 podría permitir a servidores de repositorios OBS remotos o equipos de mantenimiento de paquetes ejecutar comandos arbitrarios a través del (1) registro o (2) estado de creación manipulados que contienen una secuencia de escape para un emulador de terminal. • http://lists.opensuse.org/opensuse-updates/2012-03/msg00035.html http://www.openwall.com/lists/oss-security/2012/02/28/15 http://www.openwall.com/lists/oss-security/2012/02/28/9 http://www.openwall.com/lists/oss-security/2012/03/02/2 https://bugzilla.novell.com/show_bug.cgi?id=749335 https://bugzilla.redhat.com/show_bug.cgi?id=798353 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-1490 – nss: TOCTOU, potential use-after-free in libssl's session ticket processing (MFSA 2014-12)
https://notcve.org/view.php?id=CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket. Condición de carrera en libssl en Mozilla Network Security Services (NSS) anterior a 3.15.4, utilizado en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3, SeaMonkey anterior a 2.24 y otros productos, permite a atacantes remotos causar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de vectores que involucran una reanudación de handshake que provoca un reemplazo incorrecto de un ticket de sesión. A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2014-1480
https://notcve.org/view.php?id=CVE-2014-1480
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site. La implementación de descarga de archivos en Mozilla Firefox anterior a 27.0 y SeaMonkey anterior a 2.24 no restringe debidamente el tiempo de las selecciones de botón, lo que permite a atacantes remotos llevar a cabo ataques de clickjacking y provocar el lanzamiento no intencionado de un archivo descargado, a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://osvdb.org/102867 http://secunia.com/advisories/56888 http://www.mozilla.org/security/announce/2014/mfsa2014-03.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/65331 http://www.securitytracker.com/id • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •