CVSS: 5.0EPSS: 2%CPEs: 17EXPL: 0CVE-2015-1819 – libxml2: denial of service processing a crafted XML document
https://notcve.org/view.php?id=CVE-2015-1819
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html http://lists.opensuse.org/opensuse-updates/2015- • CWE-399: Resource Management Errors •
CVSS: 6.9EPSS: 0%CPEs: 270EXPL: 0CVE-2011-1011 – policycoreutils: insecure temporary directory handling in seunshare
https://notcve.org/view.php?id=CVE-2011-1011
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application. La función seunshare_mount en sandbox/seunshare.c en seunshare en ciertos paquetes de Red Hat de policycoreutils v2.0.83 y anteriores de Red Hat Enterprise Linux (RHEL) v6 y anteriores, y Fedora v14 y anteriores, monta un nuevo directorio en la parte superior de /tmp sin asignar la pertenencia de root y el bit sticky a este nuevo directorio, lo que permite a usuarios locales reemplazar o eliminar de archivos /tmp de su elección, y por lo tanto provocar una denegación de servicio o ganar privilegios en su caso, mediante la ejecución de una aplicación setuid que se basa en /tmp, como demostrado por la aplicación de KSU. • http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html http://openwall.com/lists/oss-security/2011/02/23/1 http://openwall.com/lists/oss-security/2011/02/23/2 http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197 http://secunia.com/advisories/43415 http://secunia.com/advisories/43844 http://secunia&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.8EPSS: 0%CPEs: 28EXPL: 1CVE-2010-2526 – lvm2-cluster: insecurity when communicating between lvm2 and clvmd
https://notcve.org/view.php?id=CVE-2010-2526
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands. El cluster logical volume manager daemon (clvmd) en lvm2-cluster en LVM2 anterior v2.02.72, como el usado en Red Hat Global File System (GFS) y otros productos, no verifica las credenciales de cliente sobre una conexión socket, permitiendo a usuarios locales causar una denegación de servicio (cuelgue del demonio o cambio de volumen lógico) o probablemente tener otros impactos a través de comandos de control manipulados. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://secunia.com/advisories/40759 http://securitytracker.com/id?1024258 http://www.osvdb.org/66753 http://www.ubuntu.com/usn/USN-1001-1 http://www.vupen.com/english/advisories/2010/1944 https://bugzilla.redhat.com/show_bug.cgi?id=614248 https://exchange.xforce.ibmcloud.com/vulnerabilities/60809 https://rhn.redhat.com/errata/RHSA-2010-0567.html https://rhn.redhat.com/errata/RHSA-2010-0568.html htt • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2010-2598 – libtiff: crash when reading image with not configured compression
https://notcve.org/view.php?id=CVE-2010-2598
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input." La libreria LibTIFF de Red Hat Enterprise Linux (RHEL) v3 sobre las plataformas x86_64, tal y como se utiliza en tiff2rgba, intenta de procesar los datos de la imagen incluso cuando la funcionalidad de compresión solicitado no está configurada, lo que permite a atacantes remotos provocar una denegación de servicio a través de una imagen TIFF debidamente modificada. Se trata de una vulnerabilidad relacionada con "downsampled OJPEG input". • http://secunia.com/advisories/40536 http://www.redhat.com/support/errata/RHSA-2010-0520.html http://www.vupen.com/english/advisories/2010/1761 https://bugzilla.redhat.com/show_bug.cgi?id=583081 https://access.redhat.com/security/cve/CVE-2010-2598 https://bugzilla.redhat.com/show_bug.cgi?id=610786 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-2416 – mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types
https://notcve.org/view.php?id=CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. Múltiples vulnerabilidades de uso anterior a la liberación en libxml2 v2.5.10, v2.6.16, v2.6.26, v2.6.27, y v2.6.32, y libxml v1.8.17, permite a atacantes dependientes de contexto producir una denegación de servicio (caída de aplicación) a través de una ,manipulación de (1) una notación o (2) tipos de atributo de enumeración en un fichero XML como se demostró en Codenomicon XML fuzzing framework. • http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/35036 http://secunia.com/advisories/36207 http://secunia.com/advisories/36338 http://secunia • CWE-416: Use After Free •