17 results (0.006 seconds)

CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.5EPSS: 4%CPEs: 68EXPL: 0

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •

CVSS: 4.6EPSS: 0%CPEs: 48EXPL: 0

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. Safe.pm 2.0.7 y anteriores, si se usan con Perl 5.8.0 y anteriores, pueden permitir a atacantes escapar de compartimientos seguros en Safe::reval o Safe::rdo usando una variable @_ redefinida, que no es reestablecida entre llamadas sucesivas. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 http://marc.info/?l=bugtraq&m=104005919814869&w=2 http://marc.info/?l=bugtraq&m=104033126305252&w=2 http://marc.info/?l=bugtraq&m=10404 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. • ftp://ftp.sco.com/SSE/security_bulletins/SB-99.07b •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages. • ftp://ftp.sco.com/SSE/security_bulletins/SB-99.09b •