14 results (0.013 seconds)

CVSS: 6.8EPSS: 42%CPEs: 27EXPL: 1

Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. Múltiples desbordamientos de buffer basados en memoria dinámica en Aircrack-ng anteriores a 1.1 permiten a atacantes remotos causar denegación de servicio (caída) y ejecutar código arbitrario a través de (1) un valor grande en un paquete EAPOL o (2) un paquete EAPOL grande. • https://www.exploit-db.com/exploits/12217 http://pyrit.googlecode.com/svn/tags/opt/aircrackng_exploit.py http://secunia.com/advisories/39150 http://secunia.com/advisories/55053 http://security.gentoo.org/glsa/glsa-201310-06.xml http://svn.aircrack-ng.org/trunk/ChangeLog • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.9EPSS: 0%CPEs: 33EXPL: 0

Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library. Vulnerabilidad de ruta de búsqueda no confiable en el paquete Gentoo de Xpdf anteriores a v3.02-r2, permite a usuarios locales obtener privilegios a través de un troyano (fichero xpdfrc) en el directorio de trabajo actual, relativo a la macro SYSTEM_XPDFRC no fijada en el proceso de construcción Gentoo, que usa la biblioteca poppler. • http://bugs.gentoo.org/show_bug.cgi?id=200023 http://bugs.gentoo.org/show_bug.cgi?id=242930 http://osvdb.org/53529 http://secunia.com/advisories/34610 http://security.gentoo.org/glsa/glsa-200904-07.xml http://www.securityfocus.com/bid/34401 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 1%CPEs: 23EXPL: 2

Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función wp_explain_nonce de la funcionalidad nonce AYS (wp-includes/functions.php) para WordPress 2.0 anterior a 2.0.9 y 2.1 anterior a 2.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el parámetro file a wp-admin/templates.php, y posiblemente otros vectores que implican la variable action. • https://www.exploit-db.com/exploits/29598 http://downloads.securityfocus.com/vulnerabilities/exploits/22534.html http://osvdb.org/33766 http://secunia.com/advisories/24306 http://secunia.com/advisories/24566 http://trac.wordpress.org/changeset/4876 http://trac.wordpress.org/changeset/4877 http://trac.wordpress.org/ticket/3781 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml http://www.securityfocus.com/bid/22534 http://www.vupen.com/english/advisories/2007/0741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 2

The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks. • http://bugs.gentoo.org/show_bug.cgi?id=122376 http://bugs.gentoo.org/show_bug.cgi?id=125902 http://bugs.gentoo.org/show_bug.cgi?id=127167 http://bugs.gentoo.org/show_bug.cgi?id=127319 http://secunia.com/advisories/19376 http://www.gentoo.org/security/en/glsa/glsa-200603-23.xml http://www.osvdb.org/24104 http://www.securityfocus.com/archive/1/428739/100/0/threaded http://www.securityfocus.com/archive/1/428743/100/0/threaded http://www.securityfocus.com&# •

CVSS: 7.5EPSS: 10%CPEs: 57EXPL: 1

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. • http://marc.info/?l=bugtraq&m=110608222117215&w=2 http://www.debian.org/security/2005/dsa-646 http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2005-070.html http://www.redhat.com/support/errata/RHSA-2005-071.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925 https://access.redhat.com/security/cve/CVE-2 •