Page 96 of 521 results (0.041 seconds)

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2010-2524 – kernel: dns_resolver upcall security issue

https://notcve.org/view.php?id=CVE-2010-2524

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals. La funcionalidad de resolución DNS en el kernel de Linux anterior a v2.6.35, cuando CONFIG_CIFS_DFS_UPCALL está activado, cuenta con el "keyring" de usuario para la "upcall" dns_resolver en el espacio de usuario cifs.upcall, lo que permite a usuarios locales secuestrar los resultados de las consultas DNS y realizar montajes (mounts) CIFS de su elección a través de vectores que involucran una llamada add_key, relacionado con un cuestión de relleno de caché (stuffing) y referencias MS-DFS. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html http://marc.info/?l=oss-security&m=128072090331700&w=2 http://marc.info/?l=oss-security&m=128078387328921&w=2 http://marc.info/?l=oss-security&m=128080755321157&w=2 http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://www.mandr •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2010-2066 – kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files

https://notcve.org/view.php?id=CVE-2010-2066

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. La función mext_check_arguments en fs/ext4/move_extent.c en el kernel de Linux anterior a v2.6.35, permite a usuarios locales sobrescribir una archivo de solo-añadir (append-only) a través de una llamada MOVE_EXT ioctl que especifica este archivo como un donante. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://www.openwall.com/lists/oss-security/2010/06/07/1 http://www.openwall.com/lists/oss-security/2010/06/09/1 http://www.redhat.com/support/errata/RHSA-2010-0610.html http://w •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2010-3259 – webkit: cross-origin image theft

https://notcve.org/view.php?id=CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. Google Chrome anterior a v6.0.472.53 no restringe apropiadamente el acceso de lectura a las imágenes, lo que permite a atacantes remotos evitar la "Same Origin Policy" y obtener información potencialmente sensible a través de vectores sin especificar • http://code.google.com/p/chromium/issues/detail?id=53001 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2010-3248

https://notcve.org/view.php?id=CVE-2010-3248

Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors. Google Chrome anterior a v6.0.472.53 no restringe apropiadamente el copiado al portapapeles, lo que produce un impacto y vectores de ataque sin especificar. • http://code.google.com/p/chromium/issues/detail?id=41654 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://secunia.com/advisories/41856 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/44216 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval%3A •

CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0

CVE-2010-3257 – webkit: stale pointer issue with focusing

https://notcve.org/view.php?id=CVE-2010-3257

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. Google Chrome anterior a v6.0.472.53 no realiza apropiadamente el manejo del foco, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otros impactos sin especificar a través de vectores desconocidos. Relacionado con un problema "stale pointer" • http://code.google.com/p/chromium/issues/detail?id=52443 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia&# • CWE-416: Use After Free •