CVSS: 10.0EPSS: 22%CPEs: 45EXPL: 1CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 y anteriores; NFS/ONCplus versión B.11.31_09 y anteriores sobre HP-UX de HP versiones B.11.11, B.11.23 y B.11.31; y IRIX de SGI versión 6.5, permiten a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC que contiene especificadores de cadena de formato en un nombre de directorio no comprobado. • https://www.exploit-db.com/exploits/14407 http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc http://marc.info/?l=bugtraq&m=127428077629933&w=2 http://osvdb.org/64729 http://secunia.com/advisories/39835 http://secunia.com/advisories/39911 http://securitytracker.com/id?1024016 http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html http://www.ibm.com/support/docview.wss?uid=isg1IZ73590 http://www.ibm.com/support/docview.wss?uid=isg1IZ735 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.6EPSS: 14%CPEs: 21EXPL: 3CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .avi con cierto "tamaño indx tratado" y valores nEntriesInuse, y un cierto valor wLongsPerEntry. • https://www.exploit-db.com/exploits/30578 http://osvdb.org/45940 http://secunia.com/advisories/27016 http://securityreason.com/securityalert/3144 http://www.mandriva.com/security/advisories?name=MDKSA-2007:192 http://www.securityfocus.com/archive/1/479222/100/0/threaded http://www.securityfocus.com/bid/25648 http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/36581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 100EXPL: 2CVE-2005-0465 – SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2005-0465
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. • https://www.exploit-db.com/exploits/25362 ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P http://secunia.com/advisories/14875 http://securitytracker.com/id?1013662 http://www.idefense.com/application/poi/display?id=225&type=vulnerabilities •
CVSS: 7.2EPSS: 0%CPEs: 103EXPL: 0CVE-2004-0135
https://notcve.org/view.php?id=CVE-2004-0135
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory. La llamada de sistema syssgi SGI_IOPROVE en IRIX 6.5.20 a 6.5.24 permite a usuarios locales ganar privilegios leyendo y escribiendo en la memoria del kernel. • ftp://patches.sgi.com/support/free/security/advisories/20040601-01-P.asc http://secunia.com/advisories/11872 http://www.osvdb.org/7122 https://exchange.xforce.ibmcloud.com/vulnerabilities/16413 •
CVSS: 7.2EPSS: 0%CPEs: 103EXPL: 0CVE-2004-0134
https://notcve.org/view.php?id=CVE-2004-0134
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. cpr (libcpr) en SGI IRIX anteriores a 6.5.25 permite a usuarios locales ganar privilegios cargando una librería suminstrada por el usuario mientras se reinicia el proceso con punto de comprobación. • ftp://patches.sgi.com/support/free/security/advisories/20040507-01-P.asc http://www.securityfocus.com/bid/10418 https://exchange.xforce.ibmcloud.com/vulnerabilities/16259 •