Vulnerabilites related to redhat - enterprise_linux_hpc_node
Vulnerability from fkie_nvd
Published
2015-10-09 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | icedtea | * | |
| redhat | icedtea | 1.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB43F31-4C43-4E80-8B2A-66A8502FCA11", versionEndIncluding: "1.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:icedtea:1.6:*:*:*:*:*:*:*", matchCriteriaId: "28570EF8-C777-4AA9-BD96-ADA1D4B09B91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.", }, { lang: "es", value: "IcedTea-Web en versiones anteriores a 1.5.3 y 1.6.x en versiones anteriores a 1.6.1 no determina correctamente el origen de applets no firmados, lo que permite a atacantes remotos eludir el proceso de autorización o engañar al usuario para que acepte la ejecución del applet a través de una página web manipulada.", }, ], id: "CVE-2015-5235", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-10-09T14:59:05.670", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033780", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | linux | 7 | |
| oracle | solaris | 11.3 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la integridad a través de vectores no conocidos relacionados con el cifrado.", }, ], id: "CVE-2016-0606", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:32.537", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-10-21 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | linux | 7 | |
| oracle | solaris | 11.3 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | 23 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "8D2C2C12-2523-44DE-AE6D-E1E24D9FDE55", versionEndIncluding: "5.5.44", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "F684205F-9F44-42BD-945A-F6E3446B9E91", versionEndIncluding: "5.6.25", versionStartIncluding: "5.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "6F514644-ED78-408C-8F6A-4E2B292F525C", versionEndExcluding: "5.5.45", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "A00773D6-6BEC-4681-BD63-0409C0AEF19A", versionEndExcluding: "10.0.21", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB7C0BA-2F23-46D2-AA5E-86C16C4B07A8", versionEndExcluding: "10.1.8", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL Server 5.5.44 y versiones anteriores y 5.6.25 y versiones anteriores, permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con programas Client.", }, ], id: "CVE-2015-4819", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-10-21T21:59:34.417", references: [ { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { source: "secalert_us@oracle.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3377", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3385", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/77196", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033894", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2781-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3377", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3385", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/77196", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033894", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2781-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gstreamer | gstreamer | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*", matchCriteriaId: "E205DF55-52AD-46B7-B83E-2FDB322A52A2", versionEndIncluding: "1.10.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) proporcionando un 'recuento de saltos' que va más allá del búfer inicializado.", }, ], id: "CVE-2016-9635", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-27T22:59:01.990", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201705-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201705-10", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-08 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "7B0CB798-F4ED-44E5-9B15-B7009EAC6303", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "67130DAF-AE81-43D2-A208-58A53746A7E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "90631FFA-9AB2-483D-B162-31A47428D280", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "341F900B-5179-4CB4-9F41-91B58B29C414", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3F34F463-6350-4F48-B037-856DDBB1A4FE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B2C813BA-B8F9-446B-A07F-B51F26815578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3DF4080D-0D95-429E-88AA-1051A5520C01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "CF50F098-A055-4B79-AC35-6BD6F32D70F2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "540461D4-87F4-42AB-ADDC-C7A067FE2893", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", matchCriteriaId: "3E676744-C623-4894-8764-43588E56D2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", matchCriteriaId: "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", matchCriteriaId: "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", matchCriteriaId: "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", matchCriteriaId: "034D1C36-B73E-443E-A6B4-44CC6E7BC043", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", matchCriteriaId: "6D373245-8384-45E4-BE2E-E0518BD7F84F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", matchCriteriaId: "EED44413-D313-4588-9A4B-25F79D0925A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C193EB08-BBC2-43A2-B11A-9C7E2098862D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", matchCriteriaId: "022A5BCE-A1DC-48E2-829D-AD9261562095", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", matchCriteriaId: "155F83A1-A04A-48C0-A801-B38F129F310F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", matchCriteriaId: "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", matchCriteriaId: "27A15D05-29BA-4CCC-9348-A516E1E2C079", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*", matchCriteriaId: "2004B474-9869-445D-957D-20EF254FB461", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*", matchCriteriaId: "8F91A5E0-0DD8-47DD-B52E-A15E8064945F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*", matchCriteriaId: "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*", matchCriteriaId: "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*", matchCriteriaId: "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*", matchCriteriaId: "3194C6CE-3E8A-4861-AED1-942824974AE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8D102460-B5D5-46C4-8021-7C3510A5FCF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "92265E60-7BBF-4E8E-A438-4132D8FD57BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "346DE008-472F-47E1-8B96-F968C7D0A003", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "4C9BDB22-29E0-48A3-8765-FAC6A3442A35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*", matchCriteriaId: "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*", matchCriteriaId: "F63AB9E5-FD99-40A8-B24F-623BDDBCA427", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*", matchCriteriaId: "B0B873C1-E7D6-4E55-A5A7-85000B686071", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*", matchCriteriaId: "87D2E8DD-4225-476A-AF17-7621C9A28391", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*", matchCriteriaId: "40D913E2-0FBD-4F6C-8A21-43A0681237BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*", matchCriteriaId: "4B869CEB-7637-48C3-8A4C-171CFB766B97", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*", matchCriteriaId: "75CF5BC1-7071-48A3-86A9-C843485CAED5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*", matchCriteriaId: "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*", matchCriteriaId: "200DB058-C9F0-4983-AF99-EBB8FC2E7875", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*", matchCriteriaId: "57697AAD-5264-4C05-89E4-0228DEF2E9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*", matchCriteriaId: "24295270-DCBF-4FF3-88F7-E9A30B6388E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*", matchCriteriaId: "22E754F2-5D3D-437E-BB15-693D2EB58DA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*", matchCriteriaId: "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*", matchCriteriaId: "A3256F8C-2CA8-43B5-96E5-794113FF531B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*", matchCriteriaId: "593F15F7-E610-458B-B094-BF6AC53B719A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EC0E7811-3B60-46E7-943C-E0E7ED00FB01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "50D26799-D038-470A-A468-58DBDB64A7E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D3769BD6-B104-4F74-B8C4-89398A8894FB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9757DD5E-42A6-44B8-9692-49690F60C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "A7B5A014-D4EE-4244-AABA-0873492F7295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "CD9F8C2A-A94E-4D99-839B-47AAE8754191", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*", matchCriteriaId: "69D29A9E-DB23-4D86-B4A3-3C4F663416AD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*", matchCriteriaId: "D86AEE89-9F8E-43A5-A888-F421B10DB2C7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*", matchCriteriaId: "D335628F-EC07-43BE-9B29-3365A6F64D71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*", matchCriteriaId: "D4EF7D71-3AAF-4112-831A-3538C5B82594", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.11:*:*:*:*:*:*:*", matchCriteriaId: "89835508-F72F-4D8A-8E4A-5CFAA5F90C24", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:7.0:*:*:*:*:*:*:*", matchCriteriaId: "7344422F-F65A-4000-A9EF-8D323DA29011", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.", }, { lang: "es", value: "El servidor mod_dav_svn en Subversion 1.5.0 hasta 1.7.19 y 1.8.0 hasta 1.8.11 permite a usuarios remotos autenticados falsificar la propiedad svn:author a través de secuencias manipuladas de solicitudes del protocolo v1 HTTP.", }, ], id: "CVE-2015-0251", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-08T18:59:02.843", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2015/Jun/32", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3231", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74259", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033214", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2015/Jun/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3231", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205217", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4", versionEndIncluding: "5.4.40", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*", matchCriteriaId: "14D652D3-59BB-4BCA-95E4-87A8102154CA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, { lang: "es", value: "PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 trunca un nombre de ruta al encontrar un caracter \\x00 en ciertas situaciones, lo que permite a atacantes remotos evadir la restricciones de extensión y acceder a ficheros o directorios con nombres no esperados a través de un argumento manipulado en (1) set_include_path, (2) tempnam, (3) rmdir, o (4) readlink. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2006-7243.", }, ], id: "CVE-2015-4025", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:07.723", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74904", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032431", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69418", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69418", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| libndp | libndp | * | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 15.10 | |
| canonical | ubuntu_linux | 16.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libndp:libndp:*:*:*:*:*:*:*:*", matchCriteriaId: "41E78AA0-94CE-46C0-ADF7-7EDE16D81BDB", versionEndIncluding: "1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.", }, { lang: "es", value: "libndp en versiones anteriores a 1.6, como es usado en NetworkManager, no valida correctamente el origen de los mensajes Neighbor Discovery Protocol (NDP), lo que provoca a atacantes remotos llevar a cabo ataques man-in-the-middle o provocar una caída del servicio (interrupción de la conectividad de red) anunciando un nodo como un router de una red no local.", }, ], id: "CVE-2016-3698", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-13T19:59:02.753", references: [ { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3581", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2016/05/17/9", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2980-1", }, { source: "secalert@redhat.com", url: "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", }, { source: "secalert@redhat.com", url: "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", }, { source: "secalert@redhat.com", url: "https://rhn.redhat.com/errata/RHSA-2016-1086.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3581", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/05/17/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2980-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://rhn.redhat.com/errata/RHSA-2016-1086.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-14 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 16.10 | |
| nettle_project | nettle | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*", matchCriteriaId: "1AFB20FA-CB00-4729-AB3A-816454C6D096", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nettle_project:nettle:*:*:*:*:*:*:*:*", matchCriteriaId: "471AC546-33AD-45D6-A6FD-70062E99B7E0", versionEndExcluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.", }, { lang: "es", value: "El código de descifrado RSA y DSA en Nettle facilita a los atacantes cubrir las claves privadas a través de un ataque de canal secundario de caché.", }, ], id: "CVE-2016-6489", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-14T18:59:00.737", references: [ { source: "security@debian.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2582.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/29/7", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3193-1", }, { source: "security@debian.org", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", }, { source: "security@debian.org", tags: [ "Technical Description", ], url: "https://eprint.iacr.org/2016/596.pdf", }, { source: "security@debian.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-21", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2582.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/29/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3193-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", ], url: "https://eprint.iacr.org/2016/596.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201706-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, ], sourceIdentifier: "security@debian.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.", }, { lang: "es", value: "Error de superación de límite (off-by-one) en la función pcf_get_properties en pcf/pcfread.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de aplicación) a través de un fichero PCF manipulado con un valor de tamaño 0xffffffff que está incrementado incorrectamente.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-9671", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-02-08T11:59:32.617", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=157", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| freetype | freetype | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| debian | debian_linux | 7.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, { lang: "es", value: "Múltiples desbordamientos de enteros en sfnt/ttcmap.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegación de servicio (lectura fuera de rango o corrupción de memoria) o posiblemente tener otro impacto no especificado a través de una tabla SFNT cmap manipulada.", }, ], id: "CVE-2014-9669", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-02-08T11:59:30.850", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=163", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4", versionEndIncluding: "5.4.40", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*", matchCriteriaId: "14D652D3-59BB-4BCA-95E4-87A8102154CA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*", matchCriteriaId: "D06BF4CE-299F-42E4-BA0A-5D68788C92DF", versionEndIncluding: "7.5.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.", }, { lang: "es", value: "Vulnerabilidad de complejidad algorítmica en la función multipart_buffer_headers en main/rfc1867.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 permiten a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de datos de formularios manipulados que provocan un resultado de orden de crecimiento incorrecto.", }, ], id: "CVE-2015-4024", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:06.770", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74903", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032432", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69364", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| libarchive | libarchive | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6EFED3-4FD3-413D-85C2-73F746F346E8", versionEndIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función parse_codes en archive_read_support_format_rar.c en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo RAR con un diccionario de tamaño cero.", }, ], id: "CVE-2016-4302", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:04.517", references: [ { source: "cret@cert.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { source: "cret@cert.org", tags: [ "Issue Tracking", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "cret@cert.org", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "cret@cert.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "cret@cert.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91331", }, { source: "cret@cert.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://www.talosintel.com/reports/TALOS-2016-0154/", }, { source: "cret@cert.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", }, { source: "cret@cert.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/719", }, { source: "cret@cert.org", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91331", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://www.talosintel.com/reports/TALOS-2016-0154/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| xmlsoft | libxml2 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, { lang: "es", value: "La función xmlNextChar en libxml2 2.9.2 no comprueba correctamente el estado, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (sobre lectura de buffer basado en memoria dinámica y caída de la aplicación) u obtener información sensible a través de datos XML manipulados.", }, ], id: "CVE-2015-8241", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:06.307", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/77621", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1034243", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", }, { source: "cve@mitre.org", url: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77621", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| redhat | openshift | 3.1 | |
| redhat | openshift | 3.2 | |
| libarchive | libarchive | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", matchCriteriaId: "F8E35FAB-695F-44DA-945D-60B47C1F200B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "F33CEF04-05FA-444C-BB14-F3E3434AF61F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6EFED3-4FD3-413D-85C2-73F746F346E8", versionEndIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.", }, { lang: "es", value: "El código sandboxing en libarchive 3.2.0 y versiones anteriores no maneja adecuadamente entradas de archivo de vínculo físico de datos de tamaño distinto de cero, lo que podría permitir a atacantes remotos escribir a archivos arbitrarios a través de un archivo manipulado.", }, ], id: "CVE-2016-5418", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:13.457", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Technical Description", ], url: "http://www.openwall.com/lists/oss-security/2016/08/09/2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/93165", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1852", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1853", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Technical Description", ], url: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/746", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", ], url: "http://www.openwall.com/lists/oss-security/2016/08/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1852", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", ], url: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/746", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | linux | 7 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 8.0 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| oracle | solaris | 11.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con Options.", }, ], id: "CVE-2016-0505", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:00:53.573", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81088", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| freetype | freetype | * | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, { lang: "es", value: "La función tt_face_load_hdmx en truetype/ttpload.c en FreeType anterior a 2.5.4 no establece un tamaño de registro mínimo, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una fuente TrueType manipulada.", }, ], id: "CVE-2014-9657", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:19.647", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=195", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=195", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-11-15 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ruby-lang | ruby | * | |
| ruby-lang | ruby | 2.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.0.0 | |
| ruby-lang | ruby | 2.1 | |
| ruby-lang | ruby | 2.1 | |
| ruby-lang | ruby | 2.1.1 | |
| ruby-lang | ruby | 2.1.2 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", matchCriteriaId: "814D61DB-61B7-49C1-B23C-1877CDF35011", versionEndIncluding: "1.9.3", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*", matchCriteriaId: "90E0471D-1323-4E67-B66C-DEBF3BBAEEAA", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B03B7561-A854-4EFA-9E4E-CFC4EEAE4EE1", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*", matchCriteriaId: "D2423B85-0971-42AC-8B64-819008BC5778", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:p195:*:*:*:*:*:*", matchCriteriaId: "1C663278-3B2A-4B7C-959A-2AA804467F21", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:p247:*:*:*:*:*:*", matchCriteriaId: "B7927149-A76A-48BC-8405-7375FC7D7486", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*", matchCriteriaId: "CB116A84-1652-4F5D-98AC-81F0349EEDC0", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*", matchCriteriaId: "259C21E7-6084-4710-9BB3-C232942A451E", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "285A3431-BDFE-40C5-92CD-B18217757C23", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "D66B32CB-AC49-4A1C-85ED-6389F27CB319", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.1:-:*:*:*:*:*:*", matchCriteriaId: "77020036-DC99-461B-9A36-E8C0BE44E6B8", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.1:preview1:*:*:*:*:*:*", matchCriteriaId: "7A2C6617-222D-4EA3-A194-4D69B10197DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "8DF046E4-503B-4A10-BEAB-3144BD86EA49", vulnerable: true, }, { criteria: "cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*", matchCriteriaId: "9FCA45F1-3038-413A-B8C3-EE366A4E6248", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.", }, { lang: "es", value: "Error de superación de límite (off-by-one) en la función de codificación ubicada en pack.c en Ruby 1.9.3 y anteriores, y 2.x hasta 2.1.2, cuando se utilizan ciertos especificadores de formato de cadena, permite a atacantes dependientes de contexto provocar una denegación de servicio (fallo de segmentación) a través de vectores que provocan un desbordamiento de buffer basado en pila.", }, ], id: "CVE-2014-4975", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-11-15T20:59:01.453", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0472.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1912.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1913.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1914.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3157", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:129", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/07/09/13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68474", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2397-1", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://bugs.ruby-lang.org/issues/10019", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0472.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1912.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1913.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1914.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/07/09/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2397-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugs.ruby-lang.org/issues/10019", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94706", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-11 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| setroubleshoot_project | setroubleshoot | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*", matchCriteriaId: "5C62A645-0382-4719-99D0-2247C4EAA2A0", versionEndIncluding: "3.2.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.", }, { lang: "es", value: "El complemento allow_execmod para setroubleshoot en versiones anteriores a 3.2.23 permite a los usuarios locales ejecutar comandos arbitrarios al activar una denegación de SELinux de execmod con un nombre de archivo binario manipulado, relacionado con la función commands.getstatusoutput.", }, ], id: "CVE-2016-4444", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-11T18:59:00.213", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91476", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, { lang: "es", value: "La función mcopy en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8, no restringe correctamente un cierto valor de desplazamiento, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una cadena manipulada que no es manejada correctamente por una regla \"secuencia de comandos de texto ejecutable de Python\".", }, ], id: "CVE-2015-4605", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:13.220", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75233", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68819", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68819", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | tvos | * | |
| apple | watchos | * | |
| xmlsoft | libxml2 | * | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "080450EA-85C1-454D-98F9-5286D69CF237", versionEndIncluding: "9.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", versionEndIncluding: "10.11.3", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", matchCriteriaId: "B7CF16CB-120B-4FC0-B7A2-2FCD3324EA8A", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", matchCriteriaId: "FBF14807-BA21-480B-9ED0-A6D53352E87F", versionEndIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.", }, { lang: "es", value: "La función xmlStringLenDecodeEntities en parser.c en libxml2 en versiones anteriores a 2.9.3 no previene adecuadamente la expansión de entidad, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (consumo de CPU) a través de datos XML manipulados, una vulnerabilidad diferente a CVE-2014-3660.", }, ], id: "CVE-2015-5312", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:00.113", references: [ { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/79536", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034243", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", }, { source: "secalert@redhat.com", url: "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/79536", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-07 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | automatic_bug_reporting_tool | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "5A8C122D-5975-4348-80F4-C2EB87EC74CE", versionEndIncluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.", }, { lang: "es", value: "El programa de ayuda abrt-hook-ccpp en Automatic Bug Reporting Tool (ABRT) en versiones anteriores a 2.7.1 permite a usuarios locales con ciertos permisos obtener privilegios a través de un ataque de enlace simbólico en un archivo con un nombre predecible, según lo demostrado por /var/tmp/abrt/abrt-hax-coredump o /var/spool/abrt/abrt-hax-coredump.", }, ], id: "CVE-2015-5287", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-07T18:59:02.230", references: [ { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/78137", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1266837", }, { source: "secalert@redhat.com", url: "https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e", }, { source: "secalert@redhat.com", url: "https://www.exploit-db.com/exploits/38832/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/78137", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1266837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/38832/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| freetype | freetype | * | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.", }, { lang: "es", value: "sfnt/ttload.c en FreeType anterior a 2.5.4 proceda con los cálculos de la longitud de offset sin restringir los valores, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de enteros y lectura fuera de rango) o posiblemnete tener otro impacto no especificado a través de una tabla SFNT manipulada.", }, ], id: "CVE-2014-9667", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:29.133", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=166", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "75251AA9-6304-4C01-A334-6F6CD045A497", versionEndIncluding: "1.0.1n", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", matchCriteriaId: "6FAA3C31-BD9D-45A9-A502-837FECA6D479", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", matchCriteriaId: "6455A421-9956-4846-AC7C-3431E0D37D23", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", matchCriteriaId: "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", matchCriteriaId: "A39C31E3-75C0-4E92-A6B5-7D67B22E3449", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BB318EA4-2908-4B91-8DBB-20008FDF528A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "1F4E46A9-B652-47CE-92E8-01021E57724B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", matchCriteriaId: "36DD8E3F-6308-4680-B932-4CBD8E58A7FB", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", matchCriteriaId: "1DA9F0F7-D592-481E-884C-B1A94E702825", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", matchCriteriaId: "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", matchCriteriaId: "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A47AB858-36DE-4330-8CAC-1B46C5C8DA80", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "49413FF7-7910-4F74-B106-C3170612CB2A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", matchCriteriaId: "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A8882E50-7C49-4A99-91F2-DF979CF8BB2F", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", matchCriteriaId: "98C32982-095C-4628-9958-118A3D3A9CAA", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", matchCriteriaId: "7C4E6353-B77A-464F-B7DE-932704003B33", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "77125688-2CCA-4990-ABB2-551D47CB0CDD", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", matchCriteriaId: "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B846C63A-7261-481E-B4A4-0D8C79E0D8A7", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E70C6D8D-C9C3-4D92-8DFC-71F59E068295", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "691FA41B-C2CE-413F-ABB1-0B22CB322807", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \"negative zero\" issue.", }, { lang: "es", value: "La implementación ASN.1 en OpenSSL en versiones anteriores a 1.0.1o y 1.0.2 en versiones anteriores a 1.0.2c permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento inferior de buffer y corrupción de memoria) a través de un campo ANY en datos serializados manipulados, también conocido como el problema \"cero negativo\".", }, ], id: "CVE-2016-2108", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T01:59:04.230", references: [ { source: "secalert@redhat.com", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { source: "secalert@redhat.com", url: "http://support.citrix.com/article/CTX212736", }, { source: "secalert@redhat.com", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/89752", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/91787", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1035721", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2016:1137", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0193", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0194", }, { source: "secalert@redhat.com", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871", }, { source: "secalert@redhat.com", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { source: "secalert@redhat.com", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "secalert@redhat.com", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "secalert@redhat.com", url: "https://support.apple.com/HT206903", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "secalert@redhat.com", url: "https://www.tenable.com/security/tns-2016-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.citrix.com/article/CTX212736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/89752", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2016:1137", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.tenable.com/security/tns-2016-18", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-08 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | hivex | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:debian:hivex:*:*:*:*:*:*:*:*", matchCriteriaId: "9C345E9F-F4FB-46BE-B55C-DBD7E7DD605F", versionEndIncluding: "1.3.10-2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.", }, { lang: "es", value: "lib/handle.c en Hivex anterior a 1.3.11 permite a usuarios locales ejecutar código arbitrario y ganar privilegios a través de un fichero de hive pequeño, lo que provoca una lectura o escritura fuera de rango.", }, ], id: "CVE-2014-9273", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-08T16:59:11.947", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0301.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1378.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/62792", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/11/25/6", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/12/04/14", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/71279", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201503-07", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0301.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1378.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/62792", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/11/25/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/12/04/14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/71279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", ], url: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-07", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-03-24 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | icedtea7 | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 1.8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:icedtea7:*:*:*:*:*:*:*:*", matchCriteriaId: "5135E87C-74A2-4CC0-A08E-7CE4224FBDE9", versionEndIncluding: "2.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:jdk:1.7.0:update97:*:*:*:*:*:*", matchCriteriaId: "9F65C05E-84C6-47E9-80D2-00C4EAD3298F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update73:*:*:*:*:*:*", matchCriteriaId: "98B69D8A-14A9-4322-967A-9CACC2EBB05E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update74:*:*:*:*:*:*", matchCriteriaId: "0B1C656A-7501-4417-9959-F21FFD85B512", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.7.0:update97:*:*:*:*:*:*", matchCriteriaId: "DD45A07E-499A-4B9B-842D-9A574D36C96C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.8.0:update73:*:*:*:*:*:*", matchCriteriaId: "62F92EDB-9B75-4B3D-9F65-C51BD16290E4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.8.0:update74:*:*:*:*:*:*", matchCriteriaId: "C92F4008-8AC7-4E30-A03B-F005A853E8C1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle Java SE 7u97, 8u73 y 8u74 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con el subcomponente Hotspot.", }, ], id: "CVE-2016-0636", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-03-24T18:59:00.120", references: [ { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0511.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0512.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0513.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0514.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0515.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0516.html", }, { source: "secalert_us@oracle.com", url: "http://www.debian.org/security/2016/dsa-3558", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", url: "http://www.securityfocus.com/bid/85376", }, { source: "secalert_us@oracle.com", url: "http://www.securitytracker.com/id/1035401", }, { source: "secalert_us@oracle.com", url: "http://www.ubuntu.com/usn/USN-2942-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-18", }, { source: "secalert_us@oracle.com", url: "https://security.gentoo.org/glsa/201610-08", }, { source: "secalert_us@oracle.com", url: "https://security.netapp.com/advisory/ntap-20160328-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0511.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0512.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0513.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0514.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0515.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0516.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/85376", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2942-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201610-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160328-0001/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a \"deconfigured interpreter.\"", }, { lang: "es", value: "La función php_handler en sapi/apache2handler/sapi_apache2.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8, cuando Apache HTTP Server 2.4.x está utilizado, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de solicitudes HTTP segmentadas que resultan en un 'interprete desconfigurado.'", }, ], id: "CVE-2015-3330", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:03.613", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2015/04/17/7", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74204", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1033703", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://bugs.php.net/bug.php?id=68486", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69218", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2015/04/17/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bugs.php.net/bug.php?id=68486", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| freetype | freetype | * | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.", }, { lang: "es", value: "FreeType anterior a 2.5.4 no comprueba si hay un final de los datos durante ciertas acciones de análisis sintáctico, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una fuente Type42 manipulada, relacionado con type42/t42parse.c y type1/t1load.c.", }, ], id: "CVE-2014-9664", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:26.413", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=183", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", }, { source: "cve@mitre.org", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-25 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-1228.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/75933 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1213365 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1228.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75933 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1213365 | Issue Tracking, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6z:*:*:*:*:*:*:*", matchCriteriaId: "58495259-2B87-4B61-A9E0-17744D0768E6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.", }, { lang: "es", value: "El componente Hotspot en OpenJDK8, como empaquetado en Red Hat Enterprise Linux versión 6 y 7, permite a los usuarios locales escribir en archivos arbitrarios mediante un ataque de enlace simbólico.", }, ], id: "CVE-2015-3149", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-25T18:29:00.383", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75933", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1213365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75933", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1213365", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-01-21 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | solaris | 11.3 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| debian | debian_linux | 7.0 | |
| oracle | mysql | * | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| fedoraproject | fedora | 20 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_workstation_extension | 12 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "390E3C4E-6B4D-4C58-8B4C-1D386EA405D9", versionEndIncluding: "5.5.40", versionStartIncluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", matchCriteriaId: "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "2369490D-1828-42D9-98F9-7785717428D2", versionEndExcluding: "5.5.41", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "FCD8904B-4692-403C-B0AA-C972D08C2FA8", versionEndExcluding: "10.0.16", versionStartIncluding: "10.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL Server 5.5.40 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores relacionados con Server : InnoDB : DDL : Foreign Key.", }, ], id: "CVE-2015-0432", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-01-21T19:59:17.797", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0116.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0117.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0118.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { source: "secalert_us@oracle.com", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62728", }, { source: "secalert_us@oracle.com", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62730", }, { source: "secalert_us@oracle.com", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62732", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3135", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/72217", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1031581", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2480-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/100187", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0116.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0117.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0118.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62728", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62730", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/62732", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/72217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1031581", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2480-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/100187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201504-05", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-19 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_server_tus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| hp | system_management_homepage | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*", matchCriteriaId: "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10", versionEndIncluding: "7.5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "036BA560-793B-48A6-93D6-868111C66E27", versionEndIncluding: "6.0.45", versionStartIncluding: "6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "270A4D76-2684-4EFC-A039-91D64F96A1DB", versionEndIncluding: "7.0.70", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "8264714E-208A-4B91-9F9F-C7EE59E73898", versionEndIncluding: "8.5.4", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388\"; in other words, this is not a CVE ID for a vulnerability.", }, { lang: "es", value: "Apache Tomcat, en versiones 7.x hasta la 7.0.70 y versiones 8.x hasta la 8.5.4, cuando el Servlet CGI está habilitado, sigue la sección 4.1.18 de RFC 3875 y, por lo tanto, no protege aplicaciones ante la presencia de datos de cliente no fiables en la variable de entorno HTTP_PROXY. Esto podría permitir que atacantes remotos redirijan el tráfico HTTP saliente de una aplicación a un servidor proxy arbitrario mediante una cabecera Proxy manipulada en una petición HTTP. Esto también se conoce como problema \"httpoxy\". NOTA: el fabricante indica que \"se ha planeado una mitigación para futuros lanzamientos de Tomcat, marcado con CVE-2016-5388\"; en otras palabras, esto no es el ID de CVE de una vulnerabilidad.", }, ], id: "CVE-2016-5388", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-19T02:00:20.820", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/797896", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91818", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securitytracker.com/id/1036331", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1635", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1636", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://httpoxy.org/", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.apache.org/security/asf-httpoxy-response.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/797896", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securitytracker.com/id/1036331", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1636", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://httpoxy.org/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.apache.org/security/asf-httpoxy-response.txt", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-21 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", matchCriteriaId: "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "2A33B9F5-E0D1-4A3E-9FFB-5602A25F3227", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "53F0F5A0-70D9-4305-A834-B6FF71E27B30", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "88BCD7DC-0FEF-477D-8698-F8D8F1A49D90", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:p4:*:*:*:*:*:*", matchCriteriaId: "05D076CA-85DD-48B4-9A8A-F413FFBFB55F", versionEndIncluding: "4.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).", }, { lang: "es", value: "La comprobación panic_gate en NTP anterior a versión 4.2.8p5 es solo habilitada nuevamente después del primer cambio al reloj del sistema que fue mayor que 128 milisegundos por defecto, permitiendo a los atacantes remotos fijar el NTP a un tiempo arbitrario cuando arranca con la opción -g, o alterar el tiempo hasta 900 segundos, de lo contrario por respuesta a un número no especificado de peticiones de fuentes de confianza y aprovechando una denegación de servicio resultante (anular y reiniciar).", }, ], id: "CVE-2015-5300", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-21T14:29:00.927", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1930.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/bugtraq/2016/Feb/164", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/NtpBug2956", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/77312", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034670", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20171004-0001/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX220112", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.cs.bu.edu/~goldbe/NTPattack.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1930.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/bugtraq/2016/Feb/164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/NtpBug2956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/77312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20171004-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX220112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cs.bu.edu/~goldbe/NTPattack.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-361", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-07 14:06
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| spice_project | spice | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:spice_project:spice:*:*:*:*:*:*:*:*", matchCriteriaId: "DEBE327D-19D9-41F1-8EF7-6D894CE35655", versionEndIncluding: "0.12.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en SPICE en versiones anteriores a 0.12.6 permite a usuarios invitados del SO leer y escribir en localizaciones de memoria arbitrarias en el anfitrión a través de comandos QXL de invitado relacionados con la creación de superficie.", }, ], id: "CVE-2015-5261", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-07T14:06:07.683", references: [ { source: "secalert@redhat.com", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3371", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/10/06/4", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033753", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2766-1", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1261889", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201606-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/10/06/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2766-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1261889", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-05", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "0C5FF5EF-B5D2-4BFE-8C0E-DF1F99F3989D", versionEndIncluding: "10.10.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.", }, { lang: "es", value: "ext/phar/phar.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permite a atacantes remotos obtener información sensible de la memoria de procesos o causar una denegación de servicio (sobre lectura de buffer y caída de aplicación) a través de un valor de longitud manipulado en conjunto con datos seializados manipulados en un archivo phar, relacionado con las funciones phar_parse_metadata y phar_parse_pharfile.", }, ], id: "CVE-2015-2783", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:00.067", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74239", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032146", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69324", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT205267", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74239", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| freetype | freetype | * | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.", }, { lang: "es", value: "type42/t42parse.c en FreeType anterior a 2.5.4 no considera que escaneo puede resultar incompleto sin provoca un error, lo que permite a atacantes remotos causar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de una fuente Type42 manipulada.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", id: "CVE-2014-9661", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:23.587", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=187", }, { source: "cve@mitre.org", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", }, { source: "cve@mitre.org", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", url: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-09-28 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 12.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "FBA81CDE-05EC-4045-AAA6-D29AD6A63121", versionEndExcluding: "3.10.55", versionStartIncluding: "3.6", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "BBF71F21-E234-4CDD-87E7-D0F9ADDEFAD3", versionEndExcluding: "3.12.29", versionStartIncluding: "3.11", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "FC374559-3F85-41BF-A19D-10E2C20A83F1", versionEndExcluding: "3.14.19", versionStartIncluding: "3.13", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "ED968306-E23D-47D4-A2D0-533309AE355C", versionEndExcluding: "3.16.3", versionStartIncluding: "3.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.", }, { lang: "es", value: "La función SMB2_tcon en fs/cifs/smb2pdu.c en el kernel de Linux anterior a 3.16.3 permite a servidores remotos CIFS causar una denegación de servicio (referencia a puntero nulo y caída del sistema cliente) o posiblemente tener otro impacto no especificado mediante la eliminación de el compartido IPC$ durante la resolución de las referencias DFS.", }, ], id: "CVE-2014-7145", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-09-28T10:55:10.720", references: [ { source: "cve@mitre.org", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0102.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/09/22/4", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/69867", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2394-1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0102.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/09/22/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/69867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2394-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libarchive | libarchive | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6EFED3-4FD3-413D-85C2-73F746F346E8", versionEndIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.", }, { lang: "es", value: "Desbordamiento de entero en la función read_SubStreamsInfo en archive_read_support_format_7zip.c en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo 7zip con un gran número de subcorrientes, lo que desencadena un desbordamiento de búfer basado en memoria dinámica.", }, ], id: "CVE-2016-4300", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:01.940", references: [ { source: "cret@cert.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "cret@cert.org", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "cret@cert.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "cret@cert.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91326", }, { source: "cret@cert.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://www.talosintel.com/reports/TALOS-2016-0152/", }, { source: "cret@cert.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", }, { source: "cret@cert.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", }, { source: "cret@cert.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/issues/718", }, { source: "cret@cert.org", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", }, { source: "cret@cert.org", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://www.talosintel.com/reports/TALOS-2016-0152/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/issues/718", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | linux | 7 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | solaris | 11.3 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con UDF.", }, ], id: "CVE-2016-0608", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:35.037", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81226", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81226", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-14 05:01
Modified
2025-04-12 10:46
Severity ?
Summary
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| mit | kerberos_5 | 1.10 | |
| mit | kerberos_5 | 1.10.1 | |
| mit | kerberos_5 | 1.10.2 | |
| mit | kerberos_5 | 1.10.3 | |
| mit | kerberos_5 | 1.10.4 | |
| mit | kerberos_5 | 1.11 | |
| mit | kerberos_5 | 1.11.1 | |
| mit | kerberos_5 | 1.11.2 | |
| mit | kerberos_5 | 1.11.3 | |
| mit | kerberos_5 | 1.11.4 | |
| mit | kerberos_5 | 1.11.5 | |
| mit | kerberos_5 | 1.12 | |
| mit | kerberos_5 | 1.12.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", matchCriteriaId: "2D554BDC-CD7D-4572-B1E8-5F627F2C5916", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "65BCD38A-33AD-4FD7-AF5B-8470B24C4139", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E11F9209-799A-428B-9513-DBD0F19C7BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "1DA40FAA-B858-4282-8438-247E99FBB002", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "65795542-D886-46C4-8ECB-4630078DF66A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "D0A4C436-C3D7-469E-8895-8EEC9569EE86", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.", }, { lang: "es", value: "La función acc_ctx_cont en el aceptador SPNEGO en lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (también conocido como krb5) 1.5.x hasta 1.12.x anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de la aplicación) a través de un token de continuación vacío en cierto momento durante una negociación SPNEGO.", }, ], id: "CVE-2014-4344", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-14T05:01:49.943", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "cve@mitre.org", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/59102", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/60082", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/60448", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/61051", }, { source: "cve@mitre.org", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/109389", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/69160", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1030706", }, { source: "cve@mitre.org", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { source: "cve@mitre.org", url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/61051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/109389", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/69160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1030706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | wpa_supplicant | 0.7.0 | |
| w1.fi | wpa_supplicant | 0.7.1 | |
| w1.fi | wpa_supplicant | 0.7.2 | |
| w1.fi | wpa_supplicant | 0.7.3 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| w1.fi | hostapd | 0.7.0 | |
| w1.fi | hostapd | 0.7.1 | |
| w1.fi | hostapd | 0.7.2 | |
| w1.fi | hostapd | 0.7.3 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "66B567FD-E20D-4043-B6DD-E14EA7B487C8", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "AC6D0E07-3A95-47D3-AACA-FAA0F4A0C6DC", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.2:*:*:*:*:*:*:*", matchCriteriaId: "ACF6ADDB-57C6-435D-8D64-D11BC5F3D71F", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF264-2315-43CE-B2A6-4234B394854C", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*", matchCriteriaId: "F3EF53AD-F985-446E-89B8-4BFECE00AD63", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*", matchCriteriaId: "0A11DBFA-9F0E-4358-8541-E5371C11FE80", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*", matchCriteriaId: "738AEB08-FF7D-4DC3-AB14-B8F2B9474810", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*", matchCriteriaId: "1E8C5523-16E4-417E-A159-F5D0F9E83C5B", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*", matchCriteriaId: "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*", matchCriteriaId: "AB93C2FC-6913-448E-8B93-EEB2229EC86C", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0ECA3172-7088-4B5E-923D-37B155729BD2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "A01092A1-8D52-4474-BC85-663BCA683208", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*", matchCriteriaId: "B79614B8-BEEC-4772-944B-F631D85A278D", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*", matchCriteriaId: "5C5CBC86-4F65-4A1E-8423-D599B8F89EE6", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*", matchCriteriaId: "06119A43-B1CA-4021-87D2-C67BE6125423", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*", matchCriteriaId: "768D16AF-3A8B-47DD-A499-948A73062AE1", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*", matchCriteriaId: "3BECC3EF-2777-4FF9-9750-93D1245A9247", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E2D07095-6331-4079-BD86-E414CEE35624", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*", matchCriteriaId: "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*", matchCriteriaId: "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*", matchCriteriaId: "2B4681FC-44F4-4E86-8431-8EDAD65492D0", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*", matchCriteriaId: "EC6FB535-AFFF-4083-AF1D-9E1ED504158F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.", }, { lang: "es", value: "Subdesbordamiento de enteros en el analizador sintáctico Frame de WMM Action en hostapd 0.5.5 hasta 2.4 y wpa_supplicant 0.7.0 hasta 2.4, cuando utilizado para la funcionalidad MLME/SME del modo AP, permite a atacantes remotos causar una denegación de servicio (caída) a través de un Frame manipulado, lo que provoca una lectura fuera de rango.", }, ], id: "CVE-2015-4142", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-15T15:59:06.850", references: [ { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1439.html", }, { source: "cve@mitre.org", url: "http://seclists.org/fulldisclosure/2022/May/34", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3397", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/05/09/5", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/05/31/6", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032625", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2650-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-17", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT213258", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1439.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/May/34", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/05/09/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/05/31/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032625", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2650-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT213258", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, { lang: "es", value: "La función __PHP_Incomplete_Class en ext/standard/incomplete_class.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con un caso \"type confusion\".", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">Access of Resource Using Incompatible Type ('Type Confusion')</a>", id: "CVE-2015-4602", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:10.127", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75249", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-17 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", matchCriteriaId: "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8", versionEndIncluding: "2.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.", }, { lang: "es", value: "La función get_contents en nss_files/files-XXX.c en el Name Service Switch (NSS) en GNU C Library (también conocida como glibc o libc6) en versiones anteriores a 2.20 puede permitir a usuarios locales causar una denegación de servicio (corrupción de pila) o ganar privilegios a través de una larga fila en la base de datos de archivos NSS.", }, ], id: "CVE-2015-5277", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-17T19:59:02.573", references: [ { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-2172.html", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/78092", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034196", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2985-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2985-2", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262914", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Sep/7", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201702-11", }, { source: "secalert@redhat.com", url: "https://sourceware.org/bugzilla/show_bug.cgi?id=17079", }, { source: "secalert@redhat.com", url: "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-2172.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/78092", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034196", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2985-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2985-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262914", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Sep/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201702-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://sourceware.org/bugzilla/show_bug.cgi?id=17079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-14 05:01
Modified
2025-04-12 10:46
Severity ?
Summary
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| mit | kerberos_5 | 1.10 | |
| mit | kerberos_5 | 1.10.1 | |
| mit | kerberos_5 | 1.10.2 | |
| mit | kerberos_5 | 1.10.3 | |
| mit | kerberos_5 | 1.10.4 | |
| mit | kerberos_5 | 1.11 | |
| mit | kerberos_5 | 1.11.1 | |
| mit | kerberos_5 | 1.11.2 | |
| mit | kerberos_5 | 1.11.3 | |
| mit | kerberos_5 | 1.11.4 | |
| mit | kerberos_5 | 1.11.5 | |
| mit | kerberos_5 | 1.12 | |
| mit | kerberos_5 | 1.12.1 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", matchCriteriaId: "2D554BDC-CD7D-4572-B1E8-5F627F2C5916", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "65BCD38A-33AD-4FD7-AF5B-8470B24C4139", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E11F9209-799A-428B-9513-DBD0F19C7BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "1DA40FAA-B858-4282-8438-247E99FBB002", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "65795542-D886-46C4-8ECB-4630078DF66A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "D0A4C436-C3D7-469E-8895-8EEC9569EE86", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.", }, { lang: "es", value: "Vulnerabilidad de doble liberación en la función init_ctx_reselect en el iniciador SPNEGO en lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (también conocido como krb5) 1.10.x hasta 1.12.x anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código arbitrario a través de trafico de la red que parece venir de un aceptador intencionado, pero especifica un mecanismo de seguridad diferente al propuesto por el iniciador.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/415.html\" target=\"_blank\">CWE-415: Double Free</a>", id: "CVE-2014-4343", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-14T05:01:49.897", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "cve@mitre.org", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/59102", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/60082", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/60448", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/61052", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { source: "cve@mitre.org", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/109390", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/69159", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1030706", }, { source: "cve@mitre.org", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/61052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/109390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/69159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1030706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-19 18:55
Modified
2025-04-12 10:46
Severity ?
Summary
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D75936BB-5BE4-4B8C-B2A0-2BE13B713AE8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BFCE3B89-46A6-4D1F-AFB3-FCB6C3B66245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E4DFB08D-01C2-4D95-8EB2-81F5C27AC656", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "A3625A8E-A326-4DCE-9CFB-B0E38FC54B6E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "106C86D0-84D9-4F44-821F-FD0D49EB32E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "156DD5C1-C2C3-4AD7-B432-79CC3EC32B63", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "75551DEC-A2BE-453D-9ABA-B3041A2607C0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CB5A2F0A-E06E-40C6-98C1-4343AA9C2EFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "0FC70E13-59B6-4A75-9AF0-D38CCAB2D117", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8316A374-3E3E-4FBA-AB57-9244812C8E2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0EB42901-B207-4B41-B09C-91153A19C7D5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E3DA7ADC-6A81-4250-B6E1-4E4425156941", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "83D766B5-5F07-44F1-A488-127D18510989", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "2C8479EC-930C-47DB-9A02-E7B2F9101E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D1D47331-B23A-4A6E-8F14-74628F0E1846", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "C9E2C35C-FEBA-4525-8A38-9C170B34FA07", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A098CEF5-04BE-48C0-8414-AFC9D03771E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C39739A0-8C23-4167-B63D-1000F9D3B684", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0FD13E19-4B9C-4DBD-9339-7BFE5377689F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "35C2CFEF-2F6D-4F9A-9DDF-4CC6448BADC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "6D04C072-7D90-428F-A226-BAD0105D22B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "856959BA-9945-4AA8-95D3-B3752C0D895D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "13109084-931E-4565-BEE5-794B83E6978D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "726B9C10-ACD5-41C2-A552-FD0046A75966", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "B55A7A26-C994-4956-BBE7-BF3A51971295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "FB9E26AB-915A-477F-BA5C-10965A7098F9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "7B0CB798-F4ED-44E5-9B15-B7009EAC6303", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "67130DAF-AE81-43D2-A208-58A53746A7E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "90631FFA-9AB2-483D-B162-31A47428D280", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "341F900B-5179-4CB4-9F41-91B58B29C414", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3F34F463-6350-4F48-B037-856DDBB1A4FE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B2C813BA-B8F9-446B-A07F-B51F26815578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3DF4080D-0D95-429E-88AA-1051A5520C01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "CF50F098-A055-4B79-AC35-6BD6F32D70F2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "540461D4-87F4-42AB-ADDC-C7A067FE2893", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", matchCriteriaId: "3E676744-C623-4894-8764-43588E56D2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", matchCriteriaId: "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", matchCriteriaId: "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", matchCriteriaId: "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", matchCriteriaId: "034D1C36-B73E-443E-A6B4-44CC6E7BC043", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", matchCriteriaId: "6D373245-8384-45E4-BE2E-E0518BD7F84F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", matchCriteriaId: "EED44413-D313-4588-9A4B-25F79D0925A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C193EB08-BBC2-43A2-B11A-9C7E2098862D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", matchCriteriaId: "022A5BCE-A1DC-48E2-829D-AD9261562095", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", matchCriteriaId: "155F83A1-A04A-48C0-A801-B38F129F310F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", matchCriteriaId: "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", matchCriteriaId: "27A15D05-29BA-4CCC-9348-A516E1E2C079", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*", matchCriteriaId: "2004B474-9869-445D-957D-20EF254FB461", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*", matchCriteriaId: "8F91A5E0-0DD8-47DD-B52E-A15E8064945F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*", matchCriteriaId: "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*", matchCriteriaId: "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*", matchCriteriaId: "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*", matchCriteriaId: "3194C6CE-3E8A-4861-AED1-942824974AE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8D102460-B5D5-46C4-8021-7C3510A5FCF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "92265E60-7BBF-4E8E-A438-4132D8FD57BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "346DE008-472F-47E1-8B96-F968C7D0A003", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "4C9BDB22-29E0-48A3-8765-FAC6A3442A35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*", matchCriteriaId: "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*", matchCriteriaId: "F63AB9E5-FD99-40A8-B24F-623BDDBCA427", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*", matchCriteriaId: "B0B873C1-E7D6-4E55-A5A7-85000B686071", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*", matchCriteriaId: "87D2E8DD-4225-476A-AF17-7621C9A28391", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*", matchCriteriaId: "40D913E2-0FBD-4F6C-8A21-43A0681237BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*", matchCriteriaId: "4B869CEB-7637-48C3-8A4C-171CFB766B97", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*", matchCriteriaId: "75CF5BC1-7071-48A3-86A9-C843485CAED5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*", matchCriteriaId: "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*", matchCriteriaId: "200DB058-C9F0-4983-AF99-EBB8FC2E7875", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*", matchCriteriaId: "57697AAD-5264-4C05-89E4-0228DEF2E9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*", matchCriteriaId: "24295270-DCBF-4FF3-88F7-E9A30B6388E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*", matchCriteriaId: "22E754F2-5D3D-437E-BB15-693D2EB58DA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*", matchCriteriaId: "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EC0E7811-3B60-46E7-943C-E0E7ED00FB01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "50D26799-D038-470A-A468-58DBDB64A7E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D3769BD6-B104-4F74-B8C4-89398A8894FB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9757DD5E-42A6-44B8-9692-49690F60C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "A7B5A014-D4EE-4244-AABA-0873492F7295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "CD9F8C2A-A94E-4D99-839B-47AAE8754191", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*", matchCriteriaId: "69D29A9E-DB23-4D86-B4A3-3C4F663416AD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*", matchCriteriaId: "D86AEE89-9F8E-43A5-A888-F421B10DB2C7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*", matchCriteriaId: "D335628F-EC07-43BE-9B29-3365A6F64D71", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", matchCriteriaId: "F5D324C4-97C7-49D3-A809-9EAD4B690C69", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*", matchCriteriaId: "81EE9433-C21F-4902-B37E-CF4FC1132B72", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.", }, { lang: "es", value: "Apache Subversion 1.0.0 hasta 1.7.x anterior a 1.7.17 y 1.8.x anterior a 1.8.10 utiliza un hash MD5 de la URL y el reino (realm) de la autenticación para almacenar las credenciales de caché, lo que facilita a servidores remotos obtener credenciales a través de un reino (realm) de la autenticación manipulado.", }, ], id: "CVE-2014-3528", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-19T18:55:02.687", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59432", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/59584", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/60722", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/68995", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.ubuntu.com/usn/USN-2316-1", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59584", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/68995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.ubuntu.com/usn/USN-2316-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-255", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-25 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | gnome-shell | 3.14.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:gnome-shell:3.14.0:*:*:*:*:*:*:*", matchCriteriaId: "DD535807-17D9-4599-AEAE-5CC7FD3FF5A3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.", }, { lang: "es", value: "GNOME Shell 3.14.x anterior a 3.14.1, cuando se utiliza la característica Screen Lock, no se limita el consumo de memoria para todas las peticiones activas PrtSc , lo que permite a atacantes cercanos físicamente ejecutar comandos arbitrarios en una estación de trabajo desatendida haciendo numerosas peticiones PrtSc y aprovechando un bloqueo temporal, y la disponibilidad de una shell resultante temporal, causada por Linux kernel OOM killer.", }, ], id: "CVE-2014-7300", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-25T21:59:02.937", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2014/09/29/17", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0535.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2014/09/29/17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0535.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| xmlsoft | libxml2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | tvos | * | |
| apple | watchos | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "080450EA-85C1-454D-98F9-5286D69CF237", versionEndIncluding: "9.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", versionEndIncluding: "10.11.3", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", matchCriteriaId: "B7CF16CB-120B-4FC0-B7A2-2FCD3324EA8A", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", matchCriteriaId: "FBF14807-BA21-480B-9ED0-A6D53352E87F", versionEndIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.", }, { lang: "es", value: "La función xmlParseMisc en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (lectura de memoria dinámica fuera de rango) a través de vectores no especificados relacionados con límites de entidades y etiquetas de inicio incorrectos.", }, ], id: "CVE-2015-7500", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:05.120", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/79562", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034243", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", }, { source: "secalert@redhat.com", url: "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/79562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| xmlsoft | libxml2 | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", }, { lang: "es", value: "La función xmlParseXMLDecl en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible a través de (1) un valor de codificiación indeterminado o (2) una declaración XML incompleta en datos XML, lo que desencadena una lectura de memoria dinámica fuera de rango.", }, ], id: "CVE-2015-8317", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:09.560", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/21/1", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/22/3", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/77681", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/91826", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1034243", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "cve@mitre.org", url: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", }, { source: "cve@mitre.org", url: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", }, { source: "cve@mitre.org", url: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206899", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206901", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206902", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206903", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206904", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT206905", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/21/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/22/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77681", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91826", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206905", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-01-29 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mageia | mageia | 4.0 | |
| redhat | libvirt | * | |
| redhat | libvirt | 1.2.0 | |
| redhat | libvirt | 1.2.1 | |
| redhat | libvirt | 1.2.2 | |
| redhat | libvirt | 1.2.3 | |
| redhat | libvirt | 1.2.4 | |
| redhat | libvirt | 1.2.5 | |
| redhat | libvirt | 1.2.6 | |
| redhat | libvirt | 1.2.7 | |
| redhat | libvirt | 1.2.8 | |
| redhat | libvirt | 1.2.9 | |
| redhat | libvirt | 1.2.10 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F805A106-9A6F-48E7-8582-D3C5A26DFC11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", matchCriteriaId: "A8A22EF4-358B-4D85-BC9E-CADD6DF4643B", versionEndIncluding: "1.2.11", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "527B9236-CA4E-42A8-8C7A-2FB92BE2B4B9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FA9572AC-1D6D-4AA1-AEF0-CB9143F38215", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6B6D6F-6CD3-43C3-B1EC-18DEC89DFDA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "BF21D58D-6952-4C72-94C3-32421499AFCE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "83403472-4883-4914-846A-3C3E912C5573", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "00DF70BC-8C33-4B01-9BF7-4D260E68DBAD", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "EEEF1A5E-E1FD-4D28-B90A-86D78ABE3F58", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "49568634-FD82-43E0-B60F-28896999CF48", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "EC1E4E78-937D-4BF1-B45E-74B24A02C97D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.9:*:*:*:*:*:*:*", matchCriteriaId: "E80222EC-EA2E-444B-A51C-0287055A598C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:libvirt:1.2.10:*:*:*:*:*:*:*", matchCriteriaId: "1CA535BD-4D1A-4BD6-9EF0-1E57A80E6466", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.", }, { lang: "es", value: "libvirt anterior a 1.2.12 permite a usuarios remotos autenticados obtener la contraseña VNC mediante el uso del indicador VIR_DOMAIN_XML_SECURE con (1) una instantánea manipulada a la interfaz virDomainSnapshotGetXMLDesc o (2) una imagen manipulada a la interfaz virDomainSaveImageGetXMLDesc.", }, ], id: "CVE-2015-0236", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-01-29T15:59:00.060", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0046.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/62766", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2015/0001.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:035", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/62766", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.libvirt.org/2015/0001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "728F5CC4-5692-4921-BF0B-E364F87D2A42", versionEndIncluding: "5.5.46", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3553190A-1EA3-4FDC-838C-1AF34A0D5D1A", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C8B516F9-DA77-45E7-9D1D-C66E49E6F97D", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*", matchCriteriaId: "23E2C5C7-9BCC-476C-BF69-7771C9600D92", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*", matchCriteriaId: "EB9D5F37-45F0-4F80-84EA-8179931AD303", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*", matchCriteriaId: "21EFF6F8-AD71-4FD6-A37C-9903CF09A87F", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*", matchCriteriaId: "000F198B-4149-4108-8706-89FFE2D15001", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*", matchCriteriaId: "0E9B6400-7126-4C48-9A87-501FC3426DBB", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CFAE8185-E8C8-4216-AAC2-12C95D8A4964", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*", matchCriteriaId: "C1BEE2E7-F0CB-4E39-9E0F-91DB837E2979", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.9:*:*:*:*:*:*:*", matchCriteriaId: "ED693A68-AD80-451E-83CF-D248514688BE", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.10:*:*:*:*:*:*:*", matchCriteriaId: "0DDD2822-CF30-4087-A9AB-9BCFC5CEACC7", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.11:*:*:*:*:*:*:*", matchCriteriaId: "E6109E6A-A0FB-44CF-AD80-A510E6ACA899", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.12:*:*:*:*:*:*:*", matchCriteriaId: "E2B8DA6D-5E8C-416C-A4C7-BCCB460EBCE3", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.13:*:*:*:*:*:*:*", matchCriteriaId: "681C1351-A5C7-4B67-87A9-61F1CA115D39", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.14:*:*:*:*:*:*:*", matchCriteriaId: "4C2446AD-E917-4614-93B1-7F47A030CC0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.15:*:*:*:*:*:*:*", matchCriteriaId: "83484159-71C4-47DB-8769-F735467E8871", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.16:*:*:*:*:*:*:*", matchCriteriaId: "F4D0D3F2-01A4-4294-8665-C6160FB4735C", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.17:*:*:*:*:*:*:*", matchCriteriaId: "B69284A6-9B28-4EB8-B214-7EB3968357EF", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.18:*:*:*:*:*:*:*", matchCriteriaId: "37D79DF6-54FA-4ED8-B0CB-B7B9E6F6A0EE", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.19:*:*:*:*:*:*:*", matchCriteriaId: "C98121EF-DF6B-4A46-8EE3-0062E9AF0B44", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.20:*:*:*:*:*:*:*", matchCriteriaId: "717CB721-213B-45F2-ABF8-22C2D9D140CD", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.21:*:*:*:*:*:*:*", matchCriteriaId: "3FA50A75-019F-4419-8A26-45ECA74FEC35", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.0.22:*:*:*:*:*:*:*", matchCriteriaId: "EBADC517-FE84-48D0-B8CB-35870E1FC482", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8992102A-BD39-4BCB-9F92-BA88C5E72830", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "8F29B9F5-5C6A-4A48-9A1E-0A552E49780F", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.2:*:*:*:*:*:*:*", matchCriteriaId: "74581B16-EC32-4ECA-B761-583B92D3E470", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.3:*:*:*:*:*:*:*", matchCriteriaId: "D77494F3-FE15-4EC0-9F0B-94142177ABB4", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.4:*:*:*:*:*:*:*", matchCriteriaId: "63C538D2-B88F-4E12-9557-01112931A656", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.5:*:*:*:*:*:*:*", matchCriteriaId: "3DB6247F-C3FD-4204-BD21-2F60E080139B", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.6:*:*:*:*:*:*:*", matchCriteriaId: "0162BF64-C53C-446D-BDEE-5B0823FA7869", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.7:*:*:*:*:*:*:*", matchCriteriaId: "DD57C2E4-B0E7-429D-BA03-CDEED522B951", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.8:*:*:*:*:*:*:*", matchCriteriaId: "7CE62A44-0584-4070-89D1-17A87B5B19F3", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:10.1.9:*:*:*:*:*:*:*", matchCriteriaId: "E1165D35-8A27-48A3-9678-533E5FAAEE0E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "2B27571F-1A55-492E-AEA6-079B931CED61", versionEndIncluding: "5.5.46", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con Optimizer.", }, ], id: "CVE-2016-0616", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:39.850", references: [ { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", url: "http://www.securityfocus.com/bid/81176", }, { source: "secalert_us@oracle.com", url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/81176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-19 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| firewalld | firewalld | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:firewalld:firewalld:*:*:*:*:*:*:*:*", matchCriteriaId: "848D161A-5C16-4653-8A44-320409D9101E", versionEndIncluding: "0.4.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.", }, { lang: "es", value: "firewalld.py en firewalld en versiones anteriores a 0.4.3.3 permite a usuarios locales eludir la autenticación y modificar las configuraciones del firewall a través de (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry o (5) setEntries D-Bus API method.", }, ], id: "CVE-2016-5410", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-19T14:59:00.207", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2597.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/08/16/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92481", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201701-70", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2597.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/08/16/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201701-70", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-13 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mercurial:mercurial:*:*:*:*:*:*:*:*", matchCriteriaId: "EE61A315-75AC-46FE-A269-990B4A8BD156", versionEndIncluding: "3.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.", }, { lang: "es", value: "Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de una URL git ext:: manipulada cuando se clona un subrepositorio.", }, ], id: "CVE-2016-3068", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-13T16:59:16.177", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/85733", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201612-19", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/85733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-2131.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securitytracker.com/id/1034221 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1238322 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2131.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034221 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1238322 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*", matchCriteriaId: "A94A47B9-02DC-4085-AB11-90AB2753B5D2", versionEndExcluding: "2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", matchCriteriaId: "44B8FEDF-6CB0-46E9-9AD7-4445B001C158", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", }, { lang: "es", value: "La función nss_parse_ciphers en libraries/libldap/tls_m.c en OpenLDAP no analiza adecuadamente cadenas de cifrado en modo multiclave de estilo OpenSSL, lo que podría provocar el uso de un cifrado más débil que el previsto y permitir a atacantes remotos tener un impacto no especificado a través de vectores desconocidos.", }, ], id: "CVE-2015-3276", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2015-12-07T20:59:03.023", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034221", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034221", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| oracle | solaris | 11.3 | |
| oracle | linux | 7 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con Optimizer.", }, ], id: "CVE-2016-0597", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:25.223", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81151", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | linux | 7 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| oracle | solaris | 11.3 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML.", }, ], id: "CVE-2016-0598", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:26.347", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81182", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81182", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | solaris | 11.3 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | linux | 7 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores y 5.6.27 y versiones anteriores y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con DML.", }, ], id: "CVE-2016-0596", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:24.223", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81130", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.", }, { lang: "es", value: "Múltiples erroes de signo de enteros en la función pcf_get_encodings en pcf/pcfread.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegación de servicio (desbordamiento de enteros, referencia a puntero nulo y caída de aplicación) a través de un fichero PCF manipulado que especifica valores negativos para la primera columna y la primera fila.", }, ], id: "CVE-2014-9670", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:31.693", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=158", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:01
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | solaris | 11.3 | |
| oracle | linux | 7 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Client. NOTA: la información anterior proviene de la CPU de Enero de 2016. Oracle no ha comentado sobre alegaciones de terceros que estos son múltiples desbordamientos de buffer en la herramienta mysqlshow que permite a servidores de bases de datos remotos tener un impacto no especificado a través de un nombre largo de tabla o base de datos.", }, ], id: "CVE-2016-0546", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:01:33.983", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81066", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-10-09 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | icedtea | * | |
| redhat | icedtea | 1.6 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB43F31-4C43-4E80-8B2A-66A8502FCA11", versionEndIncluding: "1.5.2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:icedtea:1.6:*:*:*:*:*:*:*", matchCriteriaId: "28570EF8-C777-4AA9-BD96-ADA1D4B09B91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.", }, { lang: "es", value: "IcedTea-Web en versiones anteriores a 1.5.3 y 1.6.x anterior a 1.6.1 no limpia correctamente URLs de applet, lo que permite a atacantes remotos inyectar applets en el archivo de configuración .appletTrustSettings y eludir la aprobación del usuario para ejecutar la applet a través de una página web manipulada, probablemente relacionada con el salto de línea.", }, ], id: "CVE-2015-5234", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-10-09T14:59:01.843", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033780", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | linux | 7 | |
| oracle | solaris | 11.3 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con InnoDB.", }, ], id: "CVE-2016-0600", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:28.553", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81188", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.", }, { lang: "es", value: "La implementación SoapClient en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con casos \"type confusion\" en los métodos (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies y (6) SoapClient::__setCookie.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">Access of Resource Using Incompatible Type ('Type Confusion')</a>", id: "CVE-2015-4600", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:07.753", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74413", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74413", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-08 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2594.html | Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2765.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/99097 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1349540 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2594.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2765.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99097 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1349540 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.", }, { lang: "es", value: "389 Directory Server en RedHat Enterprise Linux Desktop 6 hasta el 7, RedHat Enterprise Linux HPC node 6 hasta el 7, RedHat Enterprise Linux Server 6 hasta el 7, y RedHat Enterprise Linux WorkStation 6 hasta el 7 permite a un atacante remoto leer el Access Control Instruction por defecto.", }, ], id: "CVE-2016-5416", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-08T19:29:00.340", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/99097", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/99097", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349540", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| xmlsoft | libxml2 | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en la función xmlDictComputeFastQKey en dict.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio a través de vectores no especificados.", }, ], id: "CVE-2015-7497", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:01.663", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/79508", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034243", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", }, { source: "secalert@redhat.com", url: "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/79508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-37", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| canonical | ubuntu_linux | 16.04 | |
| imagemagick | imagemagick | * | |
| imagemagick | imagemagick | 7.0.0-0 | |
| imagemagick | imagemagick | 7.0.1-0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", matchCriteriaId: "F89D4030-2804-4CFE-8DC1-66BC99720860", versionEndIncluding: "6.9.3-9", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*", matchCriteriaId: "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", matchCriteriaId: "693C9F8F-A8C1-4D06-8F31-E085E16E701C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*", matchCriteriaId: "FE561C57-71DE-434A-85BC-1FAAFDCC7058", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.", }, { lang: "es", value: "El codificador MSL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos mover archivos arbitrarios a través de una imagen manipulada.", }, ], id: "CVE-2016-3716", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T18:59:06.383", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201611-21", }, { source: "secalert@redhat.com", url: "https://www.exploit-db.com/exploits/39767/", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/script/changelog.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201611-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/39767/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/script/changelog.php", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gstreamer | gstreamer | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*", matchCriteriaId: "E205DF55-52AD-46B7-B83E-2FDB322A52A2", versionEndIncluding: "1.10.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) proporcionando un \"recuento de escritura\" que va más allá del búfer inicializado.", }, ], id: "CVE-2016-9636", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-27T22:59:02.053", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201705-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201705-10", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-07-20 11:12
Modified
2025-04-12 10:46
Severity ?
Summary
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| mit | kerberos | 5-1.8 | |
| mit | kerberos | 5-1.10.5 | |
| mit | kerberos | 5-1.10.6 | |
| mit | kerberos | 5-1.10.7 | |
| mit | kerberos_5 | 1.7 | |
| mit | kerberos_5 | 1.7.1 | |
| mit | kerberos_5 | 1.8 | |
| mit | kerberos_5 | 1.8.1 | |
| mit | kerberos_5 | 1.8.2 | |
| mit | kerberos_5 | 1.8.3 | |
| mit | kerberos_5 | 1.8.4 | |
| mit | kerberos_5 | 1.8.5 | |
| mit | kerberos_5 | 1.8.6 | |
| mit | kerberos_5 | 1.9 | |
| mit | kerberos_5 | 1.9.1 | |
| mit | kerberos_5 | 1.9.2 | |
| mit | kerberos_5 | 1.9.3 | |
| mit | kerberos_5 | 1.9.4 | |
| mit | kerberos_5 | 1.10 | |
| mit | kerberos_5 | 1.10.1 | |
| mit | kerberos_5 | 1.10.2 | |
| mit | kerberos_5 | 1.10.3 | |
| mit | kerberos_5 | 1.10.4 | |
| mit | kerberos_5 | 1.11 | |
| mit | kerberos_5 | 1.11.1 | |
| mit | kerberos_5 | 1.11.2 | |
| mit | kerberos_5 | 1.11.3 | |
| mit | kerberos_5 | 1.11.4 | |
| mit | kerberos_5 | 1.12 | |
| mit | kerberos_5 | 1.12.1 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", matchCriteriaId: "932A9238-B5F1-440B-92B8-1CD17A2CC274", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", matchCriteriaId: "42238DD3-2CFB-4F88-9CB6-A2B6F71DBB9D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "B8D48B3D-DE6C-47DA-8002-659AED084A04", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "DB845405-97B7-4609-A61E-68C5CCD374EA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "7768AED0-AE4C-4D4E-8D5D-5B618AB82966", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "534104C5-966E-4740-A354-4F6C210FF25B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "78AF5659-C0E3-49C4-9CA7-FC3917C8AC49", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", matchCriteriaId: "86738633-C081-4440-9F75-A775D6DF2228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "C7BCFFEE-EA7A-4F26-97AA-31128A179745", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "91A2D7F5-EBDE-4000-AC78-8DD6472E685A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", matchCriteriaId: "8E92BFA5-723E-4843-A8D8-BC1D32F34569", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", matchCriteriaId: "34C27198-9B55-42FB-AA21-D8B4EB60D926", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", matchCriteriaId: "2D554BDC-CD7D-4572-B1E8-5F627F2C5916", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "65BCD38A-33AD-4FD7-AF5B-8470B24C4139", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E11F9209-799A-428B-9513-DBD0F19C7BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "1DA40FAA-B858-4282-8438-247E99FBB002", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "65795542-D886-46C4-8ECB-4630078DF66A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, { lang: "es", value: "MIT Kerberos 5 (también conocido como krb5) 1.7.x hasta 1.12.x anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (sobrelectura de buffer o referencia a puntero nulo y caída de aplicación) mediante la inyección de tokens inválidos en una sesión de la aplicación GSSAPI.", }, ], id: "CVE-2014-4342", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-07-20T11:12:50.870", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/59102", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/60082", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68908", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1030706", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/59102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/60082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68908", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1030706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.", }, { lang: "es", value: "La función tt_sbit_decoder_init en sfnt/ttsbit.c en FreeType anterior a 2.5.4 proceda con una asociación de contar a tamaño (count-to-size) sin restringir el valor de la cuenta, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de enteros y lectura fuera de rango o posiblemente tener otro impacto a través de un bitmap embebido manipulado.", }, ], id: "CVE-2014-9666", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-02-08T11:59:28.193", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=167", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-07 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | automatic_bug_reporting_tool | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "5A8C122D-5975-4348-80F4-C2EB87EC74CE", versionEndIncluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.", }, { lang: "es", value: "El programa de ayuda abrt-action-install-debuginfo-to-abrt-cache en Automatic Bug Reporting Tool (ABRT) en versiones anteriores a 2.7.1 permite a usuarios locales escribir archivos arbitrarios a través de un ataque de un enlace simbólico en unpacked.cpio en un directorio creado previamente con un nombre predecible en /var/tmp.", }, ], id: "CVE-2015-5273", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-07T18:59:00.137", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/78113", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262252", }, { source: "secalert@redhat.com", url: "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/78113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262252", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| canonical | ubuntu_linux | 16.04 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| imagemagick | imagemagick | * | |
| imagemagick | imagemagick | 7.0.0-0 | |
| imagemagick | imagemagick | 7.0.1-0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*", matchCriteriaId: "FE561C57-71DE-434A-85BC-1FAAFDCC7058", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", matchCriteriaId: "F89D4030-2804-4CFE-8DC1-66BC99720860", versionEndIncluding: "6.9.3-9", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*", matchCriteriaId: "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", matchCriteriaId: "693C9F8F-A8C1-4D06-8F31-E085E16E701C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.", }, { lang: "es", value: "El codificador LABEL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos leer archivos arbitrarios a través de una imagen manipulada.", }, ], id: "CVE-2016-3717", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.1, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T18:59:07.663", references: [ { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201611-21", }, { source: "secalert@redhat.com", url: "https://www.exploit-db.com/exploits/39767/", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "secalert@redhat.com", url: "https://www.imagemagick.org/script/changelog.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201611-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/39767/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.imagemagick.org/script/changelog.php", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 18:59
Modified
2025-04-12 10:46
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
References
Impacted products
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "ImageMagick Server-Side Request Forgery (SSRF) Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "967EC28A-607F-48F4-AD64-5E3041C768F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "2148300C-ECBD-4ED5-A164-79629859DD43", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "837F0D24-99B3-4093-A45A-53ADB0367FCF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2_s390x:*:*:*:*:*:*:*", matchCriteriaId: "357FDE3E-2248-4BCD-B726-97C4D92FDCB7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.3_s390x:*:*:*:*:*:*:*", matchCriteriaId: "E420B889-BB89-4B64-B0E0-7E9B8545B959", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "B908AEF5-67CE-42D4-961D-C0E7ADB78ADD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "0F8EB695-5EA3-46D2-941E-D7F01AB99A48", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9835090F-120A-4A53-B4A8-375DD6999167", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8E5B5F9E-D749-45E5-8538-7CED9620C00C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "188019BF-3700-4B3F-BFA5-553B2B545B7F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9B8B2E32-B838-4E51-BAA2-764089D2A684", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "4319B943-7B19-468D-A160-5895F7F997A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "7A584AAA-A14F-4C64-8FED-675DC36F69A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "D373A806-8A25-4BD4-8511-879D8755C326", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.3_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "CFE6C909-798B-4B7A-9BD4-6741933DBC1F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "E9A24D0C-604D-4421-AFA6-5D541DA2E94D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "3A2E3637-B6A6-4DA9-8B0A-E91F22130A45", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "F81F859C-DA89-4D1E-91D3-A000AD646203", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "418488A5-2912-406C-9337-B8E85D0C2B57", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", matchCriteriaId: "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*", matchCriteriaId: "FE561C57-71DE-434A-85BC-1FAAFDCC7058", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", matchCriteriaId: "87477201-64C5-490B-AAE1-23D26F774989", versionEndExcluding: "6.9.3-10", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*", matchCriteriaId: "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", matchCriteriaId: "693C9F8F-A8C1-4D06-8F31-E085E16E701C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", matchCriteriaId: "44B8FEDF-6CB0-46E9-9AD7-4445B001C158", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", matchCriteriaId: "964B57CD-CB8A-4520-B358-1C93EC5EF2DC", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "FD4EEF7C-CC33-4494-8531-7C0CC28A8823", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3CBED083-B935-4C47-BBDA-F39D8EA277ED", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "BD6136E8-74DE-48AF-A8AB-B0E93D34870C", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", matchCriteriaId: "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", matchCriteriaId: "ED540469-C4DD-485D-9B89-6877B2A74217", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.", }, { lang: "es", value: "Los codificadores (1) HTTP y (2) FTP en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permiten a atacantes remotos llevar a cabo ataques de falsificación de peticiones del lado del servidor (SSRF) a través de una imagen manipulada.", }, ], id: "CVE-2016-3718", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-05-05T18:59:08.960", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201611-21", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39767/", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "secalert@redhat.com", tags: [ "Release Notes", ], url: "https://www.imagemagick.org/script/changelog.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201611-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39767/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.imagemagick.org/script/changelog.php", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-22 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92615 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html | Third Party Advisory | |
| cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2016-2593.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92615 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2016-2593.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "4CECD221-9715-4ECD-88E5-3252EFCA784F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.", }, { lang: "es", value: "sudo: Se ha descubierto que la configuración por defecto de sudo en Red Hat Enterprise Linux y posiblemente en otras implementaciones de Linux preserva el valor de INPUTRC lo que podría llevar a revelación de información. Un usuario local con acceso sudo a un programa restringido que utiliza readline puede utilizar esta falla para leer contenido de archivos especialmente formateados con privilegios elevados concedidos por sudo.", }, ], id: "CVE-2016-7091", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-22T21:59:00.113", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92615", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-2593.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92615", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-2593.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-07 14:06
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| spice_project | spice | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:spice_project:spice:*:*:*:*:*:*:*:*", matchCriteriaId: "DEBE327D-19D9-41F1-8EF7-6D894CE35655", versionEndIncluding: "0.12.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en SPICE en versiones anteriores a 0.12.6 permite a usuarios invitados del SO provocar una denegación de servicio (corrupción basada en memoria dinámica y caída de QEMu-KVM) o posiblemente ejecutar código arbitrario en el anfitrión a través de comandos QXL relacionados con el parámetro surface_id .", }, ], id: "CVE-2015-5260", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-07T14:06:06.713", references: [ { source: "secalert@redhat.com", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3371", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/77019", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033753", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2766-1", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1260822", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201606-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77019", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2766-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1260822", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-05", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | tomcat | - | |
| redhat | jboss_enterprise_web_server | 2.0.0 | |
| redhat | jboss_web_server | 3.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5FCB11-3FCA-4EB4-8FA6-87B356B80739", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "681173DF-537E-4A64-8FC7-75F439CCAD0D", vulnerable: false, }, { criteria: "cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "54EB07A0-FB38-4F17-9C8D-DB629967F07B", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.", }, { lang: "es", value: "El paquete Tomcat en Red Hat Enterprise Linux (RHEL) 5 hasta la versión 7, JBoss Web Server 3.0 y JBoss EWS 2 utiliza permisos débiles para (1) /etc/sysconfig/tomcat y (2) /etc/tomcat/tomcat.conf, lo que permite a usuarios locales obtener privilegios aprovechando su pertenencia al grupo tomcat.", }, ], id: "CVE-2016-6325", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-13T14:59:09.127", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/93478", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93478", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:0456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-18 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| automount_project | automount | 5.0.8 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:automount_project:automount:5.0.8:*:*:*:*:*:*:*", matchCriteriaId: "E2203531-156F-47BB-82BE-6C58EC4412B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.", }, { lang: "es", value: "automount 5.0.8, cuando una mapa de programa utilice ciertos lenguajes interpretados, utiliza los valores de las variables de entorno USER y HOME del usuario llamante en lugar de los valores del usuario utilizados para hacer funcionar el programa mapeado, lo que permite a usuarios locales ganar privilegios a través de un programa troyano en el directorio de inicio del usuario.", }, ], id: "CVE-2014-8169", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-18T16:59:00.063", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1344.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/73211", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2579-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1192565", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=917977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1344.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/73211", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2579-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1192565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=917977", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2025-04-20 01:37
Severity ?
Summary
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2581.html | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1324025 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2581.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1324025 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | networkmanager | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:networkmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "316EA453-AD0A-4AE2-8B62-3CE4525AB57B", versionEndIncluding: "1.0.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.", }, { lang: "es", value: "Una condición de carrera en Network Manager anterior a versión 1.0.12 como empaquetado en Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7 y Red Hat Enterprise Linux Workstation 7, permite a los usuarios locales obtener información de conexión confidencial mediante la lectura de archivos temporales durante cambios de ifcfg y keyfile.", }, ], id: "CVE-2016-0764", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-17T13:18:05.373", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2581.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2581.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-14 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*", matchCriteriaId: "CC2EDDE6-49F2-41D3-BCB2-F49886A2A170", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", matchCriteriaId: "B8C6E104-EDBC-481E-85B8-D39ED2058D39", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*", matchCriteriaId: "FB3FB071-FCCC-4425-AFBF-77287C1B8F7B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", matchCriteriaId: "4B74C62D-4A6D-4A4F-ADF6-A508322CD447", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", matchCriteriaId: "6E89B38A-3697-46DD-BB3F-E8D2373588BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "C036011A-9AE1-423C-8B73-188B9BA20FEE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "663C6EE5-5B5E-4C0F-9E7F-D0E1DA9AF9EA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "8051459E-94D3-4D4A-9D40-CC9475DDB00C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "42056C63-69A7-43CF-828C-0C3E365702D9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "5B6A39A3-7F86-4DC3-B248-859630AFB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "58377AE3-1C13-4C3F-BC55-8336DAEEF97F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "005C2DA4-D00E-4206-851E-9226D66B5F2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "97B17602-0D97-469B-A9B1-30AAC8F758F1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "857B664A-C6F9-45E3-93EA-C0F53CEF5C46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*", matchCriteriaId: "6DFDA458-74E8-4DEF-B524-A4A8672CB66A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*", matchCriteriaId: "9A3E3BF3-4376-4692-A515-A7B6593F28F1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*", matchCriteriaId: "AB6AF9D5-CE60-4FC9-91AB-E243F0D429E9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*", matchCriteriaId: "3B1AC712-110D-458F-B650-930C6D45CA53", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*", matchCriteriaId: "7F848FA5-9682-454F-A9DE-671C4401F15F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*", matchCriteriaId: "C4B83678-98A1-440E-950C-4A27995C7294", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*", matchCriteriaId: "FB9EEE31-479A-4370-BF00-C26C1AF502B6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*", matchCriteriaId: "95EABD7D-1F18-4FA5-BAA9-F8D69129E531", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*", matchCriteriaId: "65B836CA-3740-48B0-966B-21E65EF3D636", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*", matchCriteriaId: "3988FA1B-18D9-46AA-87BA-A6B01D4F4B25", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*", matchCriteriaId: "51A46409-7AC6-45DB-B92D-29988C445BC1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*", matchCriteriaId: "09E2B608-6C70-446F-A3A7-369048D99855", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*", matchCriteriaId: "5AA00AE0-F447-4361-AA37-0C98BDE491E3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*", matchCriteriaId: "21DACE94-FBDC-4A3D-8DD6-E62D18F5EE7A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*", matchCriteriaId: "220A02AF-6ADA-4B75-BC81-40B2D847029A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*", matchCriteriaId: "ECEB8F61-195E-41DE-90CE-22854055E9D6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*", matchCriteriaId: "D0F72B91-1F7F-41EB-ABC8-1B50AFEC70EA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*", matchCriteriaId: "111091B9-CBAE-4FC7-8B97-7D2345BFCB45", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*", matchCriteriaId: "54C6D9D3-50B2-4A63-B3D1-C76C70F4443E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*", matchCriteriaId: "4110AA74-C69D-45BC-A630-9EE3A2036BD6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*", matchCriteriaId: "F2DEFD05-10EE-4242-B885-FD1B0DF6CAA1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*", matchCriteriaId: "1CAA1090-C1C7-43A2-BD44-065572D226B6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*", matchCriteriaId: "2FD92305-91BF-4984-A029-8FA83CBF1A12", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*", matchCriteriaId: "F9F9A6DB-19BF-4798-879E-9BD4AD5EFF2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*", matchCriteriaId: "31EE280F-D76D-478B-ADD6-D5F2C7574A2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*", matchCriteriaId: "747314F7-A515-41FF-8095-62A9F05F0DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.35:*:*:*:*:*:*:*", matchCriteriaId: "C1BE9ED0-685B-41F0-A984-D33E7034AEA7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.36:*:*:*:*:*:*:*", matchCriteriaId: "E3F6AD99-7697-47E5-8301-723C16535C76", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.37:*:*:*:*:*:*:*", matchCriteriaId: "07B00AD3-D13C-45B5-A13A-9092D40F4A63", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.38:*:*:*:*:*:*:*", matchCriteriaId: "14222EA8-E8ED-4818-ACB4-C6A13643F210", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.39:*:*:*:*:*:*:*", matchCriteriaId: "A22C28DD-5C99-4722-9093-A1E82A2C2808", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.40:*:*:*:*:*:*:*", matchCriteriaId: "93714B71-6331-4F5A-A12A-B4B80CA2FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.41:*:*:*:*:*:*:*", matchCriteriaId: "10CD562E-1F06-4779-A29C-4069E3C86B16", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.42:*:*:*:*:*:*:*", matchCriteriaId: "4D83D507-64AF-4158-97B9-1353E2F8EE46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.43:*:*:*:*:*:*:*", matchCriteriaId: "BC5E39EA-C32E-4E87-9A3F-CCB5144F0E68", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.43:devel:*:*:*:*:*:*", matchCriteriaId: "61B9103F-CD72-4F06-BED1-7AE4AB9E672C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.44:*:*:*:*:*:*:*", matchCriteriaId: "0DF6249D-5AA8-4EA3-A92A-0E492FE5B811", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.45:*:*:*:*:*:*:*", matchCriteriaId: "CDE7F259-40A2-4866-8EF8-44A9913EC4EF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.45:devel:*:*:*:*:*:*", matchCriteriaId: "CFA3EED5-F0AB-4C5C-92D7-B84BFDAA31AE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.46:*:*:*:*:*:*:*", matchCriteriaId: "03C20A42-6A77-43D4-80D7-332BB2DF1B66", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.46:devel:*:*:*:*:*:*", matchCriteriaId: "8A0A1B56-0E92-4E81-9B2C-4F9B9D5833EF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.47:*:*:*:*:*:*:*", matchCriteriaId: "D4CC5DBB-249B-4EED-9F54-E23CB1919ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.47:beta:*:*:*:*:*:*", matchCriteriaId: "C10D9119-0FF8-4DFE-8632-A14D9C83CC9E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.48:*:*:*:*:*:*:*", matchCriteriaId: "088A1BDB-BB1A-46B5-898B-23311DE27CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.48:betas:*:*:*:*:*:*", matchCriteriaId: "C24CA735-6EA6-41E3-A82D-D443BB47806B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.49:*:*:*:*:*:*:*", matchCriteriaId: "6CBAA828-F42A-420F-B17E-6FACF6CD483D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.50:*:*:*:*:*:*:*", matchCriteriaId: "D20664A4-4816-4F57-82BB-F4116FA33A41", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.51:*:*:*:*:*:*:*", matchCriteriaId: "64226521-0723-4259-B214-0D2A35CF5FBA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.52:*:*:*:*:*:*:*", matchCriteriaId: "6ABEEBFE-A8C8-40D4-97D8-F06676E67478", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.53:*:*:*:*:*:*:*", matchCriteriaId: "47831D80-33AC-4A13-B92D-3D2CBF215955", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.54:*:*:*:*:*:*:*", matchCriteriaId: "7ED428C8-E6AB-4BB1-BE7D-543B2A19410F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.55:*:*:*:*:*:*:*", matchCriteriaId: "00EFBF77-B771-4A52-B4FF-6346F4B69968", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "BB9D7121-F80E-4F17-A55B-4E404B87B823", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6D6B3DAF-DF99-48B2-8E7C-BE8E043D4C24", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "29050958-EFD8-4A79-9022-EF72AAD4EDB3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "B3CB33B1-71B2-4235-A2C1-FCAEA9844A6A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "436F8C71-1780-4DC6-937B-8F1F51C7453D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "0BF2C6F3-BFE7-4234-9975-DE7FCDA26A46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "5B79DC5F-5062-4031-BA11-746EE3C8E1CE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CAD6DE25-8B2F-4DB9-9969-8AAC23BC0AE5", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "35F2B503-1516-465D-A558-9932BDB3457D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*", matchCriteriaId: "BA94EAAA-A4D2-4E36-BC69-BBE9644FE970", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*", matchCriteriaId: "F3A7C96C-8FBB-42B4-937E-3321C939CC87", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*", matchCriteriaId: "94084356-D39B-41B2-AC24-0ADAD0BF5988", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*", matchCriteriaId: "086C6335-7872-46A7-AEB1-9BE5AE5A788C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*", matchCriteriaId: "FF8233B1-04A0-4E25-97EE-CF466B48A12E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*", matchCriteriaId: "FA714E7E-05EF-4598-9324-887BC66C675E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*", matchCriteriaId: "C5CF3B73-D3B9-4D76-B411-C837BCE0806E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*", matchCriteriaId: "D1752D91-3468-4E22-B60F-6789B3CBD7B4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*", matchCriteriaId: "F433AA7E-A780-4D45-AD1A-5A4CE1F3FCD1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*", matchCriteriaId: "93E210A7-489B-4EA7-A840-599523157DD3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*", matchCriteriaId: "B37565FA-72F5-4063-8D7A-97BC269F020B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*", matchCriteriaId: "BC8FA821-818E-4BC7-834B-94EB5C042390", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*", matchCriteriaId: "F3FBF3D3-95A6-4869-8A69-F0E5ECA40220", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*", matchCriteriaId: "D07785D0-E995-4208-AB8C-43B320D291F9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*", matchCriteriaId: "152DDD6E-CF56-4E1C-BE4D-C7BC0FD9B08C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*", matchCriteriaId: "19BBA666-4473-4C6D-BF48-34EF3F09AD7D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*", matchCriteriaId: "B7DDF6CC-7997-47E7-96D3-8DC10F1D17F0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*", matchCriteriaId: "A1926DD0-0A9B-4F9D-BB4F-AC7AB0B3F0E4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*", matchCriteriaId: "2763A6C7-DBBA-4E2A-917C-B6FF524B9891", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*", matchCriteriaId: "E7DECDF8-7742-4D58-99FA-100A01748B05", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*", matchCriteriaId: "CA4FD3B1-3A68-4122-AA50-31BFC6C50408", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*", matchCriteriaId: "45790331-CE26-457F-8649-F027703E73EE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*", matchCriteriaId: "0B0BFE2D-5C7B-42E0-B783-8C5907CA8635", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*", matchCriteriaId: "7CD993C1-70B6-4ACB-B958-94E7EF973A8B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*", matchCriteriaId: "C085686C-A0AA-4F56-9E7D-B5CB24B890D9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*", matchCriteriaId: "D02A5197-06B9-469E-9817-45BB23324042", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*", matchCriteriaId: "5EB6BE37-E564-4E42-BE39-36DD301C37A4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*", matchCriteriaId: "314209F2-E0A0-4045-8108-8E7215312442", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*", matchCriteriaId: "11A8ECBB-7E50-4447-88E2-893C1466C251", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*", matchCriteriaId: "8B8F24A5-F5C3-495F-9AF0-2EE836E0147A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*", matchCriteriaId: "46DE2DE3-F081-4B80-A4DA-C5AB27B3CA8C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*", matchCriteriaId: "71EF1D77-7838-47DF-B6A2-DBBAC0058FED", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*", matchCriteriaId: "76BA4FEA-FEB4-47A9-9DFF-A233CEE03D04", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.43:*:*:*:*:*:*:*", matchCriteriaId: "60DB5A63-E89E-48AB-A846-107EBEC71D67", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.44:*:*:*:*:*:*:*", matchCriteriaId: "2181FEEB-D07E-490C-9953-3490D87B63A9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.45:*:*:*:*:*:*:*", matchCriteriaId: "36DC41DD-A291-4ECE-84B9-574828AA2A80", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.46:*:*:*:*:*:*:*", matchCriteriaId: "015D1E36-17A1-4413-B1FB-5DF4C36712BD", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.47:*:*:*:*:*:*:*", matchCriteriaId: "F64CE8F2-22B1-43F8-8934-CBCD2EFBA85D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.48:*:*:*:*:*:*:*", matchCriteriaId: "CEB15BE8-1B88-4117-AF14-3AA2B54DB323", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.50:*:*:*:*:*:*:*", matchCriteriaId: "A2CB2728-4CC7-46EA-809B-450A9BB9F884", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.51:*:*:*:*:*:*:*", matchCriteriaId: "96638963-D264-49AD-9B77-497C3DA23DFA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.52:*:*:*:*:*:*:*", matchCriteriaId: "88544BBE-29A1-4622-B3E6-FA4B891A9B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.53:*:*:*:*:*:*:*", matchCriteriaId: "DD658D98-9A4D-4DC2-A935-BB3BF0E0FB2B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.54:*:*:*:*:*:*:*", matchCriteriaId: "FFF819AF-AC11-4BD9-A070-572836A65FB7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.55:*:*:*:*:*:*:*", matchCriteriaId: "2EEAC62D-BF2B-40DF-9428-FFBF7CA09471", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.55:rc01:*:*:*:*:*:*", matchCriteriaId: "27DFAB04-5C5C-4366-B3FC-C83AAB807F0B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.56:*:*:*:*:*:*:*", matchCriteriaId: "36327723-F953-4BD3-A525-930DDCF7931D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.56:devel:*:*:*:*:*:*", matchCriteriaId: "36F717B1-CC02-4878-9A78-1584074E81C0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.57:*:*:*:*:*:*:*", matchCriteriaId: "7D482811-2EF1-47AE-A41C-7532AC6DEF31", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.57:rc01:*:*:*:*:*:*", matchCriteriaId: "FF26AB67-81F8-4CD2-8E28-BDF9FE2CD58F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.58:*:*:*:*:*:*:*", matchCriteriaId: "2D0EE98D-0596-4147-9EC4-F3616BF2B901", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.59:*:*:*:*:*:*:*", matchCriteriaId: "62F15027-0E80-48B7-9ECD-9E7228F0E81B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.60:*:*:*:*:*:*:*", matchCriteriaId: "99904D7E-0046-4481-99B6-01710D4FC848", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.61:*:*:*:*:*:*:*", matchCriteriaId: "8AB33B4E-E69A-4002-816C-24CCD49682F2", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.62:*:*:*:*:*:*:*", matchCriteriaId: "42A4FAF1-4B81-47C4-BFB7-6052524A2DA8", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.63:*:*:*:*:*:*:*", matchCriteriaId: "686A50C3-93E1-4C3F-8089-322BE26E6317", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.64:*:*:*:*:*:*:*", matchCriteriaId: "BBD67FEF-E6D3-449B-B2E9-14A69AD8E923", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.65:*:*:*:*:*:*:*", matchCriteriaId: "BD8B4549-007C-4572-86D9-F51A7B3FC586", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "52D5DAA1-3632-48D7-A657-4A4C83A119D5", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "EB5AE8E0-3C11-4EE1-A599-4D70C6A13F1B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "6AD36C3B-3C02-488B-B480-EA091D702CA3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "59BAD272-D4B6-40CE-B5E9-63145E12B638", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "5EEB311C-766D-4070-A0BE-9CE4593C8F49", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "C185BF59-68E4-49F8-802F-C06FE840FF3D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "5C399B31-B8EC-41C4-B6AB-83BABC474374", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "3B00AF5F-D4F5-490C-8BF4-2B33EFBF15A7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "BA9AEB1D-0AA7-4842-9CF9-91BFD8B58A4F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "09150152-5DEA-4FA2-9163-63EAF4D83DEF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "45E5068A-42BE-478B-8C00-FE23B7837DC1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "023CCFB0-7995-408E-928A-76C5BD9B4924", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "493F615D-DB81-48B3-9E74-C32544A01372", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "D2F12925-44F7-4790-8A06-345EB3DCCB71", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.14:*:*:*:*:*:*:*", matchCriteriaId: "7F5BF226-D62F-4F54-B771-EB108FD256FC", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: "D2EDBFCB-96DA-4A36-873A-3164975BE997", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "ACDB15BE-BDD2-4210-B224-A520E8DC7D89", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.17:*:*:*:*:*:*:*", matchCriteriaId: "70D3AD38-CCE7-47E6-8225-C0BFC3F10E4A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "4D176C8F-C91F-47C8-AEC8-377324944421", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:0.90:*:*:*:*:*:*:*", matchCriteriaId: "4EF125DE-6BD1-4640-9710-6EE69CD8A871", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:0.95:*:*:*:*:*:*:*", matchCriteriaId: "DE45B563-07B8-4F4E-80B4-C73216DF7295", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:0.96:*:*:*:*:*:*:*", matchCriteriaId: "0303A619-21BE-49DD-8C08-F04DFB31FC73", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:0.97:*:*:*:*:*:*:*", matchCriteriaId: "197C2166-FCB7-467B-ABF1-E30E7DBD8816", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:0.98:*:*:*:*:*:*:*", matchCriteriaId: "663DD631-661D-48FA-A090-A18536BA284A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:0.99:*:*:*:*:*:*:*", matchCriteriaId: "1AEDED41-716C-4D7F-9D18-FF4672F51C67", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*", matchCriteriaId: "C8BA2974-AF9F-4382-B443-F54354B5623A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "CE8BC209-45B9-44D6-A26D-0B570ED5BB19", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*", matchCriteriaId: "468B1A0E-AF58-42C4-9801-D6F83F283360", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "6644ED2F-66F3-469D-8233-72FE7321E850", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*", matchCriteriaId: "B36D610D-F86A-4D46-B0F2-884FFA601C69", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*", matchCriteriaId: "C8A976DD-87FA-425D-8E07-E3CFC4D3FD05", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "3F34978D-6ABE-463E-AB48-21CC55B7D157", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*", matchCriteriaId: "3716FF0E-AD20-46F8-B8F6-3EC42D427C90", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "7A4568BB-F5FF-4BBB-9DA3-E66C2BFA2416", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*", matchCriteriaId: "E5300EC4-B3A0-42C5-8D39-67AB75C47153", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "246CF13F-FDC1-499E-9FC1-5624D54E9E3F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*", matchCriteriaId: "D5840A8E-AB64-40A9-8BB6-EB6BA51D40B4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "AC66FD43-421B-4223-BA32-EC47B51E1091", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*", matchCriteriaId: "EEC9D57C-47F2-4773-85B6-FFB0C4681E0C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "F0F5664B-5AB9-4DE4-99AA-8FD32DBA4A4A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.8:beta:*:*:*:*:*:*", matchCriteriaId: "5CD1C8E6-DF35-47F7-877F-001AD62B57CC", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.9:*:*:*:*:*:*:*", matchCriteriaId: "C7712376-D776-4814-A041-FBFEAC70ADC3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.9:beta:*:*:*:*:*:*", matchCriteriaId: "DF69B34E-F7FB-4F4C-AF7D-ACD165B1233B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.10:beta:*:*:*:*:*:*", matchCriteriaId: "F7CC2E64-E48C-4DE6-892D-06A0B806A51B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.11:*:*:*:*:*:*:*", matchCriteriaId: "65DEDF02-9239-497C-94DB-DAF80B6B4F6C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.11:beta:*:*:*:*:*:*", matchCriteriaId: "5BE62DB2-664D-4E0A-840F-09D13E41704A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.12:*:*:*:*:*:*:*", matchCriteriaId: "8CAAECD8-0C16-40CC-BA8A-97DF38BAF668", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.13:*:*:*:*:*:*:*", matchCriteriaId: "84D9B3E6-D32D-4E4B-908A-39FAC3D5F618", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.13:beta:*:*:*:*:*:*", matchCriteriaId: "561D5D7A-1933-4A6D-940E-8DD035AA31B3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.14:*:*:*:*:*:*:*", matchCriteriaId: "8F2DB1EF-B961-4C56-8519-242419B6AB9C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.15:*:*:*:*:*:*:*", matchCriteriaId: "2BDE2351-2B17-4C1A-A625-6C7DE691039A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.16:*:*:*:*:*:*:*", matchCriteriaId: "5426F3F0-CF21-45D4-9071-F8F7865A7619", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "25147E8F-7385-4393-BE21-E3347610F003", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "19C06F50-7C48-4FD6-B0C9-6C9B643742B2", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.19:*:*:*:*:*:*:*", matchCriteriaId: "DA562433-F6F5-46C1-98DE-8309BD940260", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.20:beta:*:*:*:*:*:*", matchCriteriaId: "61FBBD3D-E216-46D3-9D12-6D3732B75E30", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.21:*:*:*:*:*:*:*", matchCriteriaId: "5AB9178D-DEEF-4D2C-9347-F553312129C3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.22:*:*:*:*:*:*:*", matchCriteriaId: "3157A738-20EB-4BE0-A58B-E21DDA64EDC8", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.23:*:*:*:*:*:*:*", matchCriteriaId: "6D70C6B1-2360-48C9-931D-BAED79151DF0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.24:*:*:*:*:*:*:*", matchCriteriaId: "29F79896-3EF0-4F53-8EBC-66D811E2C315", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.5.25:*:*:*:*:*:*:*", matchCriteriaId: "E2C8AE4F-0473-4B52-8DB4-31022057FD71", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "41D423E1-A542-4E8C-8ABF-B0B0B0C27DD5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.", }, { lang: "es", value: "Desbordamiento inferior de entero en la función png_check_keyword en pngwutil.c en libpng 0.90 hasta la versión 0.99, 1.0.x en versiones anteriores a 1.0.66, 1.1.x y 1.2.x en versiones anteriores a 1.2.56, 1.3.x y 1.4.x en versiones anteriores a 1.4.19 y 1.5.x en versiones anteriores a 1.5.26 permite a atacantes remotos tener un impacto no especificado a través de un carácter de espacio como contraseña en una imagen PNG, lo que desencadena una lectura fuera de rango.", }, ], id: "CVE-2015-8540", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-14T14:59:03.287", references: [ { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html", }, { source: "cve@mitre.org", url: "http://sourceforge.net/p/libpng/bugs/244/", }, { source: "cve@mitre.org", url: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3443", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/12/10/6", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/12/10/7", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/12/11/1", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/12/11/2", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/12/17/10", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/80592", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201611-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sourceforge.net/p/libpng/bugs/244/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3443", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/10/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/10/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/11/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/11/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/17/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/80592", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201611-08", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-05-03 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | mysql | * | |
| oracle | mysql | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.3.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "DFB5297F-00E3-4FD7-BE85-D9AD483284D6", versionEndIncluding: "5.1.61", versionStartIncluding: "5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "ADFF26FD-261F-423A-B2B8-FAB6F9BEADCD", versionEndIncluding: "5.5.21", versionStartIncluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3.z:*:*:*:*:*:*:*", matchCriteriaId: "53D4F13B-9A39-48F4-A522-A7B84D2A6B14", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "900159A3-EA20-4042-A0E2-2E1D48791759", versionEndExcluding: "5.1.62", versionStartIncluding: "5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "5E218187-5A47-4AFE-AF7F-FCE5A22E380F", versionEndExcluding: "5.5.22", versionStartIncluding: "5.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.", }, { lang: "es", value: "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.1.61 y versiones anteriores y 5.5.21 y versiones anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Server Optimizer, una vulnerabilidad diferente a CVE-2012-1690.", }, ], id: "CVE-2012-1703", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-05-03T22:55:02.747", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1462.html", }, { source: "secalert_us@oracle.com", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/48890", }, { source: "secalert_us@oracle.com", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/49179", }, { source: "secalert_us@oracle.com", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/51309", }, { source: "secalert_us@oracle.com", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/53372", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-201308-06.xml", }, { source: "secalert_us@oracle.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/53058", }, { source: "secalert_us@oracle.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1026934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1462.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/48890", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/49179", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/51309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Permissions Required", ], url: "http://secunia.com/advisories/53372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-201308-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/53058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1026934", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| freetype | freetype | * | |
| debian | debian_linux | 7.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.", }, { lang: "es", value: "bdf/bdflib.c en FreeType anterior a 2.5.4 identifica los nombres de propiedades con solamente verificar que una subcadena inicial esté presente, lo que permite a atacantes remotos descubrir valores de punteros de la memoria dinámica y evadir el mecanismo de protección ASLR a través de una fuente BDF manipulada.", }, ], id: "CVE-2014-9675", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:36.490", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=151", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "cve@mitre.org", url: "https://source.android.com/security/bulletin/2016-11-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://source.android.com/security/bulletin/2016-11-01.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-21 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| fedoraproject | fedora | 23 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | manager | 2.1 | |
| suse | manager_proxy | 2.1 | |
| suse | openstack_cloud | 5 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| ntp | ntp | * | |
| novell | leap | 42.2 | |
| opensuse | leap | 42.1 | |
| siemens | tim_4r-ie_firmware | * | |
| siemens | tim_4r-ie | - | |
| siemens | tim_4r-id_dnp3_firmware | * | |
| siemens | tim_4r-id_dnp3 | - | |
| oracle | linux | 6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "2A33B9F5-E0D1-4A3E-9FFB-5602A25F3227", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "53F0F5A0-70D9-4305-A834-B6FF71E27B30", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "88BCD7DC-0FEF-477D-8698-F8D8F1A49D90", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:p355:*:*:*:*:*:*", matchCriteriaId: "07FBDFE4-D886-4461-A360-480F50BD12C7", versionEndIncluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "A64AAD2D-38ED-4BA2-A27A-A2716F28D43A", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0730ED6-676B-4200-BC07-C0B4531B242C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_4r-ie:-:*:*:*:*:*:*:*", matchCriteriaId: "0B87B16C-9E9F-448B-9255-B2BB2B8CAD63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_4r-id_dnp3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8851DB6-6B63-4D78-A100-50F81B4DF75B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_4r-id_dnp3:-:*:*:*:*:*:*:*", matchCriteriaId: "1A8AC343-6F4F-4CAF-BD09-F8F1D2F6DBB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.", }, { lang: "es", value: "La función ULOGTOD en el archivo ntp.d en SNTP en versiones anteriores a la 4.2.7p366 no realiza apropiadamente las conversiones de tipo de un valor de precisión a uno doble, lo que permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un paquete NTP creado.", }, ], id: "CVE-2015-5219", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-21T14:29:00.867", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76473", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-704", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-27 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | vm_server | 3.3 | |
| oracle | vm_server | 3.4 | |
| oracle | linux | 5.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| linux | linux_kernel | * | |
| novell | suse_linux_enterprise_real_time_extension | 12.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_for_real_time | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_mrg | 2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*", matchCriteriaId: "C2D62B2C-40E5-41B7-9DAA-029BCD079054", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*", matchCriteriaId: "4BA58099-26F7-4B01-B9FC-275F012FE9C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "E3CCD459-9E6D-4731-8054-CDF8B58454A9", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "FC099084-12C9-4396-ABC7-F389CFAD871E", versionEndIncluding: "4.6.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "B2905A9C-3E00-4188-8341-E5C2F62EF405", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7.0:*:*:*:*:*:*:*", matchCriteriaId: "1BA3C94F-5FA1-4805-A3EC-6E27AE9AB10C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.0:*:*:*:*:*:*:*", matchCriteriaId: "079318CC-8A10-401B-8BC9-8CD28C3F1797", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C60FA8B1-1802-4522-A088-22171DCF7A93", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.", }, { lang: "es", value: "La función key_reject_and_link en security/keys/key.c en el kernel de Linux hasta la versión 4.6.3 no asegura que cierta estructura de datos esté inicializada, lo que permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de vectores involucrando un comando keyctl request2 manipulado.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", id: "CVE-2016-4470", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-27T10:59:08.720", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2016/06/15/11", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1036763", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3049-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3050-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3051-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3052-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3053-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3054-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3055-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3056-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-3057-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/06/15/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3049-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3050-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3051-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3052-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3053-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3054-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3055-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3056-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-3057-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.", }, { lang: "es", value: "La función _bdf_parse_glyphs en bdf/bdflib.c en FreeType anterior a 2.5.4 no maneja correctamente un registro ENDCHAR perdido, lo que permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) o posiblemente tener otro impacto no especificado a través de una fuente BDF manipulada.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-9660", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:22.680", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=188", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.", }, { lang: "es", value: "PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 no asegura que los nombres de ruta carezcan de la secuencia %00, lo que podría permitir a atacantes remotos leer o escribir archivos arbitrarios a través de entrada manipulada para una aplicación que llama a (1) un método de carga DOMDocument, (2) la función xmlwriter_open_uri, (3) la función finfo_file o (4) la función hash_hmac_file, según lo demostrado mediante un ataque filename\\0.xml que elude una configuración prevista en la que los usuarios cliente pueden leer solamente archivos .xml.", }, ], id: "CVE-2015-3411", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:02.360", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { source: "cve@mitre.org", url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/75255", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032709", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69353", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69353", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xmlsoft | libxml2 | * | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | tvos | * | |
| apple | watchos | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "080450EA-85C1-454D-98F9-5286D69CF237", versionEndIncluding: "9.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", versionEndIncluding: "10.11.3", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", matchCriteriaId: "B7CF16CB-120B-4FC0-B7A2-2FCD3324EA8A", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", matchCriteriaId: "FBF14807-BA21-480B-9ED0-A6D53352E87F", versionEndIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, { lang: "es", value: "La función xmlSAX2TextNode en SAX2.c en la interfaz push en el parser HTML en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (sobre lectura de buffer basado en pila y caída de la aplicación) u obtener información sensible a través de datos XML manipulados.", }, ], id: "CVE-2015-8242", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-12-15T21:59:07.387", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/77681", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1034243", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", }, { source: "cve@mitre.org", url: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77681", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D75936BB-5BE4-4B8C-B2A0-2BE13B713AE8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BFCE3B89-46A6-4D1F-AFB3-FCB6C3B66245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E4DFB08D-01C2-4D95-8EB2-81F5C27AC656", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "A3625A8E-A326-4DCE-9CFB-B0E38FC54B6E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "106C86D0-84D9-4F44-821F-FD0D49EB32E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "156DD5C1-C2C3-4AD7-B432-79CC3EC32B63", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "75551DEC-A2BE-453D-9ABA-B3041A2607C0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CB5A2F0A-E06E-40C6-98C1-4343AA9C2EFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "0FC70E13-59B6-4A75-9AF0-D38CCAB2D117", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8316A374-3E3E-4FBA-AB57-9244812C8E2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0EB42901-B207-4B41-B09C-91153A19C7D5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E3DA7ADC-6A81-4250-B6E1-4E4425156941", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "83D766B5-5F07-44F1-A488-127D18510989", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "2C8479EC-930C-47DB-9A02-E7B2F9101E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D1D47331-B23A-4A6E-8F14-74628F0E1846", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "C9E2C35C-FEBA-4525-8A38-9C170B34FA07", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A098CEF5-04BE-48C0-8414-AFC9D03771E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C39739A0-8C23-4167-B63D-1000F9D3B684", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0FD13E19-4B9C-4DBD-9339-7BFE5377689F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "35C2CFEF-2F6D-4F9A-9DDF-4CC6448BADC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "6D04C072-7D90-428F-A226-BAD0105D22B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "856959BA-9945-4AA8-95D3-B3752C0D895D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "13109084-931E-4565-BEE5-794B83E6978D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "726B9C10-ACD5-41C2-A552-FD0046A75966", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "B55A7A26-C994-4956-BBE7-BF3A51971295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "FB9E26AB-915A-477F-BA5C-10965A7098F9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "7B0CB798-F4ED-44E5-9B15-B7009EAC6303", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "67130DAF-AE81-43D2-A208-58A53746A7E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "90631FFA-9AB2-483D-B162-31A47428D280", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "341F900B-5179-4CB4-9F41-91B58B29C414", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3F34F463-6350-4F48-B037-856DDBB1A4FE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B2C813BA-B8F9-446B-A07F-B51F26815578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3DF4080D-0D95-429E-88AA-1051A5520C01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "CF50F098-A055-4B79-AC35-6BD6F32D70F2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "540461D4-87F4-42AB-ADDC-C7A067FE2893", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", matchCriteriaId: "3E676744-C623-4894-8764-43588E56D2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", matchCriteriaId: "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", matchCriteriaId: "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", matchCriteriaId: "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", matchCriteriaId: "034D1C36-B73E-443E-A6B4-44CC6E7BC043", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", matchCriteriaId: "6D373245-8384-45E4-BE2E-E0518BD7F84F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", matchCriteriaId: "EED44413-D313-4588-9A4B-25F79D0925A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C193EB08-BBC2-43A2-B11A-9C7E2098862D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", matchCriteriaId: "022A5BCE-A1DC-48E2-829D-AD9261562095", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", matchCriteriaId: "155F83A1-A04A-48C0-A801-B38F129F310F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", matchCriteriaId: "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", matchCriteriaId: "27A15D05-29BA-4CCC-9348-A516E1E2C079", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*", matchCriteriaId: "2004B474-9869-445D-957D-20EF254FB461", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*", matchCriteriaId: "8F91A5E0-0DD8-47DD-B52E-A15E8064945F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*", matchCriteriaId: "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*", matchCriteriaId: "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*", matchCriteriaId: "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*", matchCriteriaId: "3194C6CE-3E8A-4861-AED1-942824974AE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8D102460-B5D5-46C4-8021-7C3510A5FCF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "92265E60-7BBF-4E8E-A438-4132D8FD57BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "346DE008-472F-47E1-8B96-F968C7D0A003", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "4C9BDB22-29E0-48A3-8765-FAC6A3442A35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*", matchCriteriaId: "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*", matchCriteriaId: "F63AB9E5-FD99-40A8-B24F-623BDDBCA427", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*", matchCriteriaId: "B0B873C1-E7D6-4E55-A5A7-85000B686071", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*", matchCriteriaId: "87D2E8DD-4225-476A-AF17-7621C9A28391", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*", matchCriteriaId: "40D913E2-0FBD-4F6C-8A21-43A0681237BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*", matchCriteriaId: "4B869CEB-7637-48C3-8A4C-171CFB766B97", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*", matchCriteriaId: "75CF5BC1-7071-48A3-86A9-C843485CAED5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*", matchCriteriaId: "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*", matchCriteriaId: "200DB058-C9F0-4983-AF99-EBB8FC2E7875", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*", matchCriteriaId: "57697AAD-5264-4C05-89E4-0228DEF2E9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*", matchCriteriaId: "24295270-DCBF-4FF3-88F7-E9A30B6388E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*", matchCriteriaId: "22E754F2-5D3D-437E-BB15-693D2EB58DA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*", matchCriteriaId: "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*", matchCriteriaId: "A3256F8C-2CA8-43B5-96E5-794113FF531B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*", matchCriteriaId: "593F15F7-E610-458B-B094-BF6AC53B719A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EC0E7811-3B60-46E7-943C-E0E7ED00FB01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "50D26799-D038-470A-A468-58DBDB64A7E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D3769BD6-B104-4F74-B8C4-89398A8894FB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9757DD5E-42A6-44B8-9692-49690F60C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "A7B5A014-D4EE-4244-AABA-0873492F7295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "CD9F8C2A-A94E-4D99-839B-47AAE8754191", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*", matchCriteriaId: "69D29A9E-DB23-4D86-B4A3-3C4F663416AD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*", matchCriteriaId: "D86AEE89-9F8E-43A5-A888-F421B10DB2C7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*", matchCriteriaId: "D335628F-EC07-43BE-9B29-3365A6F64D71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*", matchCriteriaId: "D4EF7D71-3AAF-4112-831A-3538C5B82594", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*", matchCriteriaId: "81EE9433-C21F-4902-B37E-CF4FC1132B72", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.", }, { lang: "es", value: "El módulo mod_dav_svn Apache HTTPD del servidor Apache Subversion 1.x anterior a 1.7.19 y 1.8.x anterior a 1.8.11 permite a atacantes remotos llevar a cabo una denegación de servicio (referencia a puntero nulo y caída de servidor) mediante una petición REPORT para un recurso inexistente.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-3580", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-18T15:59:00.070", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/61131", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3107", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/71726", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/61131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3107", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/71726", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-26 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | automatic_bug_reporting_tool | - | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:automatic_bug_reporting_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "A396CA2B-75FF-4BEE-8C0A-89B7C030D1E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.", }, { lang: "es", value: "Automatic Bug Reporting Tool (ABRT) permite a usuarios locales leer, cambiar la propiedad o realizar otras acciones no especificada en archivos arbitrarios mediante symlink attack en (1) / var / tmp / abrt / * / maps, (2) / tmp /jvm-*/hs_error.log, (3) / proc / * / exe, (4) / etc / os-release en un chroot, o (5) un directorio raíz no especificado relacionado con librpm.", }, ], id: "CVE-2015-3315", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-26T15:29:00.427", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1083.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1210.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/04/14/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/04/16/12", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75117", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", }, { source: "cve@mitre.org", url: "https://www.exploit-db.com/exploits/44097/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1210.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/04/14/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/04/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/44097/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F608A0-78BE-4F17-9E41-70933E52B3C7", versionEndIncluding: "1.0.1s", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", matchCriteriaId: "6FAA3C31-BD9D-45A9-A502-837FECA6D479", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", matchCriteriaId: "6455A421-9956-4846-AC7C-3431E0D37D23", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", matchCriteriaId: "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", matchCriteriaId: "9B89180B-FB68-4DD8-B076-16E51CC7FB91", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", matchCriteriaId: "4C986592-4086-4A39-9767-EF34DBAA6A53", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", matchCriteriaId: "7B23181C-03DB-4E92-B3F6-6B585B5231B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", matchCriteriaId: "94D9EC1C-4843-4026-9B05-E060E9391734", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*", matchCriteriaId: "B066401C-21CF-4BE9-9C55-C9F1E0C7BE3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", matchCriteriaId: "A39C31E3-75C0-4E92-A6B5-7D67B22E3449", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BB318EA4-2908-4B91-8DBB-20008FDF528A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "1F4E46A9-B652-47CE-92E8-01021E57724B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", matchCriteriaId: "36DD8E3F-6308-4680-B932-4CBD8E58A7FB", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", matchCriteriaId: "1DA9F0F7-D592-481E-884C-B1A94E702825", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", matchCriteriaId: "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", matchCriteriaId: "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A47AB858-36DE-4330-8CAC-1B46C5C8DA80", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "49413FF7-7910-4F74-B106-C3170612CB2A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", matchCriteriaId: "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A8882E50-7C49-4A99-91F2-DF979CF8BB2F", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", matchCriteriaId: "98C32982-095C-4628-9958-118A3D3A9CAA", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", matchCriteriaId: "7C4E6353-B77A-464F-B7DE-932704003B33", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "77125688-2CCA-4990-ABB2-551D47CB0CDD", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", matchCriteriaId: "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B846C63A-7261-481E-B4A4-0D8C79E0D8A7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "46D566AF-D1DE-4EAD-B881-DC40D1DE780C", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "81BED703-422A-4937-8BF0-F83C248188F9", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*", matchCriteriaId: "A241BABC-E6A8-43B1-BED6-77FC38E337BD", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*", matchCriteriaId: "DBE8AEFE-C74B-4E24-8EBA-35207DE756E3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "1CBD1B3E-644C-42B4-A556-7A4C58D219D6", versionEndExcluding: "0.10.45", versionStartIncluding: "0.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "2E35B5D6-6D7B-4D04-A8E4-88C4C47270AE", versionEndExcluding: "0.12.14", versionStartIncluding: "0.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "A47FC4F7-1F77-4314-B4B3-3C5D8E335379", versionEndIncluding: "4.1.2", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "BA51558F-F55C-48B3-870B-6D1225998AB3", versionEndExcluding: "4.4.4", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "D8D63E80-A861-4393-A868-9845F521CD04", versionEndExcluding: "5.11.1", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5A53CB0E-3FBA-4796-BC81-6003A7DC29DE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", }, { lang: "es", value: "La implementación de AES-NI en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h no considera la asignación de memoria durante una comprobación de relleno determinada, lo que permite a atacantes remotos obtener información de texto claro sensible a través de un ataque de padding-oracle contra una sesión AES CBC . NOTA: esta vulnerabilidad existe debido a una corrección incorrecta para CVE-2013-0169.", }, ], id: "CVE-2016-2107", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T01:59:03.200", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://support.citrix.com/article/CTX212736", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89760", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035721", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/", }, { source: "secalert@redhat.com", tags: [ "Permissions Required", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT206903", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39768/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2016-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.citrix.com/article/CTX212736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89760", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39768/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2016-18", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-08 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.", }, { lang: "es", value: "mod_ns en Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7, permite a atacantes remotos forzar el uso de cifrados que no estaban destinados a ser habilitados.", }, ], id: "CVE-2016-3099", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-08T19:29:00.213", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183129.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184345.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2602.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183129.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184345.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2602.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319052", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, { lang: "es", value: "La función Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 proceda con la suma de los valores de longitud sin validar los valores originales, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de enteros y desbordamiento de buffer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una fuente Mac manipulada.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/190.html\">CWE-190: Integer Overflow or Wraparound</a>", id: "CVE-2014-9674", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:35.633", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=153", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3461", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=153", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-08 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2594.html | Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2765.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/93884 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1358865 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2594.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2765.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93884 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1358865 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.", }, { lang: "es", value: "389 Directory Server en Red Hat Enterprise Linux Desktop versiones 6 a la 7, Red Hat Enterprise Linux HPC Node versiones 6 a la 7, servidor Red Hat Enterprise Linux versiones 6 a la 7 y Red Hat Enterprise Linux Las Workstation versiones 6 a la 7, permiten a atacantes remotos obtener contraseñas de usuario.", }, ], id: "CVE-2016-5405", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-08T19:29:00.293", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93884", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93884", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-199", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-21 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.9 | |
| redhat | icedtea7 | * | |
| oracle | linux | 5.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:jdk:1.6.0:update113:*:*:*:*:*:*", matchCriteriaId: "AE4602E8-1466-4148-BC89-7FAFFA14A886", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.7.0:update99:*:*:*:*:*:*", matchCriteriaId: "C3D13189-1F7B-482F-ABF7-CC8D563716C8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*", matchCriteriaId: "C6CAC2AE-7FB0-40F4-9A45-533943A35772", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.6.0:update113:*:*:*:*:*:*", matchCriteriaId: "F0D546F4-B709-4522-B84A-7D6C301814BA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.7.0:update99:*:*:*:*:*:*", matchCriteriaId: "0BF73F1C-91F1-41F6-956C-4A64603DCDF0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.8.0:update77:*:*:*:*:*:*", matchCriteriaId: "CDF71474-FFBF-44A0-A5EC-CD3E50472D97", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jrockit:r28.3.9:*:*:*:*:*:*:*", matchCriteriaId: "1F7ACC3A-F8F4-4B53-981A-697569B172CE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:icedtea7:*:rc1:*:*:*:*:*:*", matchCriteriaId: "2A1A63BA-D559-4692-9C27-5F7402BD2353", versionEndIncluding: "2.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "E3CCD459-9E6D-4731-8054-CDF8B58454A9", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con Security.", }, ], id: "CVE-2016-0695", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-21T10:59:55.117", references: [ { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", }, { source: "secalert_us@oracle.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0650.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0651.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0675.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0676.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0677.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0678.html", }, { source: "secalert_us@oracle.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0679.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0723.html", }, { source: "secalert_us@oracle.com", url: "http://www.debian.org/security/2016/dsa-3558", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", url: "http://www.securityfocus.com/bid/86438", }, { source: "secalert_us@oracle.com", url: "http://www.securitytracker.com/id/1035596", }, { source: "secalert_us@oracle.com", url: "http://www.ubuntu.com/usn/USN-2963-1", }, { source: "secalert_us@oracle.com", url: "http://www.ubuntu.com/usn/USN-2964-1", }, { source: "secalert_us@oracle.com", url: "http://www.ubuntu.com/usn/USN-2972-1", }, { source: "secalert_us@oracle.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-18", }, { source: "secalert_us@oracle.com", url: "https://security.netapp.com/advisory/ntap-20160420-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0650.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0651.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0675.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0676.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0677.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0678.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0679.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0723.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/86438", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2963-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2964-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2972-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160420-0001/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-21 03:02
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | linux | 7 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| oracle | solaris | 11.3 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| oracle | mysql | * | |
| oracle | mysql | * | |
| oracle | mysql | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "F2EA70BB-425F-4E0F-A618-F72258430EEE", versionEndExcluding: "5.5.47", versionStartIncluding: "5.5.20", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "889BD0D7-BB02-4317-A9F1-C6E5E03F16D4", versionEndExcluding: "10.0.23", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", matchCriteriaId: "C682E800-3908-422D-91FE-4C2956691CEB", versionEndExcluding: "10.1.10", versionStartIncluding: "10.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "124A9D43-F7FE-4E88-AAF5-C5F2214FC9A3", versionEndIncluding: "5.5.46", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "244C291E-590F-4EB3-B21A-C22EC5BBF93A", versionEndIncluding: "5.6.27", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "AF18143D-C98A-41E7-B71D-CC6AA5172463", versionEndIncluding: "5.7.9", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.", }, { lang: "es", value: "Vulnerabilidad no especificada en Oracle MySQL 5.5.46 y versiones anteriores, 5.6.27 y versiones anteriores y 5.7.9 y MariaDB en versiones anteriores a 5.5.47, 10.0.x en versiones anteriores a 10.0.23 y 10.1.x en versiones anteriores a 10.1.10 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores no conocidos relacionados con los privilegios.", }, ], id: "CVE-2016-0609", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "MULTIPLE", availabilityImpact: "PARTIAL", baseScore: 1.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:H/Au:M/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.2, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2016-01-21T03:02:36.100", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "secalert_us@oracle.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "secalert_us@oracle.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81258", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81258", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-08-31 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "967C3CF4-381C-4010-9E1D-C350069E6813", versionEndExcluding: "3.12.47", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "B92F6F8B-8BAF-4BE9-A3A7-6D7F85E5E8C1", versionEndExcluding: "3.14.54", versionStartIncluding: "3.13", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "7DC4BA70-B111-4D2E-BC78-6601CED68F08", versionEndExcluding: "3.16.35", versionStartIncluding: "3.15", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "1ACF067E-CBE4-4A62-9BC1-203FAF12DD2C", versionEndExcluding: "3.18.22", versionStartIncluding: "3.17", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "0ACD1220-4091-4A0D-9FBE-4FDAF6A40B0B", versionEndExcluding: "4.1.6", versionStartIncluding: "3.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.", }, { lang: "es", value: "Vulnerabilidad en arch/x86/entry/entry_64.S en el kernel de Linux en versiones anteriores a 4.1.6 en la plataforma x86_64, no maneja correctamente los fallos IRET procesando NMIs que ocurrieron durante la ejecución en el espacio de usuario, lo que puede permitir a usuarios locales obtener privilegios mediante desencadenamiento de una NMI.", }, ], id: "CVE-2015-5157", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-31T10:59:11.830", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0185.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0212.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0224.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0715.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.debian.org/security/2015/dsa-3313", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2015/07/22/7", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76005", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2687-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2688-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2689-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2690-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2691-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0212.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0224.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0715.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.debian.org/security/2015/dsa-3313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2015/07/22/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2687-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2688-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2689-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2690-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.ubuntu.com/usn/USN-2691-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-11-24 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| jqueryui | jquery_ui | 1.10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jqueryui:jquery_ui:1.10.0:rc1:*:*:*:jquery:*:*", matchCriteriaId: "458843F0-2EAD-4E60-B3A6-6859A690173C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.", }, { lang: "es", value: "Vulnerabilidad de XSS en la opción de contenido por defecto en jquery.ui.tooltip.js en el widget Tooltip en jQuery UI anterior a 1.10.0 permite a atacantes remotos inyectar secuencias de comandos web o HTMl arbitrarios a través del atributo del título, lo cual no se maneja debidamente en la demostración de cuadros combinados del autocompletado.", }, ], id: "CVE-2012-6662", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2014-11-24T16:59:01.993", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://bugs.jqueryui.com/ticket/8859", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://bugs.jqueryui.com/ticket/8861", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0442.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1462.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/oss-sec/2014/q4/613", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/oss-sec/2014/q4/616", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/71107", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", }, { source: "cve@mitre.org", url: "https://github.com/jquery/jquery/issues/2432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://bugs.jqueryui.com/ticket/8859", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://bugs.jqueryui.com/ticket/8861", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0442.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1462.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/oss-sec/2014/q4/613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/oss-sec/2014/q4/616", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/71107", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/jquery/jquery/issues/2432", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-11-13 21:32
Modified
2025-04-12 10:46
Severity ?
Summary
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EC43DD1B-D8F0-4CC6-A5A9-C0DCEB1A7131", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8150D656-9B13-49D0-9960-4C78E057AB26", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "9C048B6A-5AB2-4363-8FE1-88D3F627E1BC", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*", matchCriteriaId: "ABA62CAC-C88C-44E5-A611-366F9AD5FB11", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*", matchCriteriaId: "B53405BD-AC8E-4106-9D21-BCD5815E7ECA", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*", matchCriteriaId: "0161F845-C5F4-4318-949A-499A4062FB78", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*", matchCriteriaId: "DBCACBF9-CE33-4F10-8CFC-84F24CC33476", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*", matchCriteriaId: "C42F577F-264C-4F8F-955A-67743965AB8C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*", matchCriteriaId: "9000897D-502D-46E3-95A0-FBCEBB0ED5C1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*", matchCriteriaId: "E53BBB9E-3A38-478E-BE88-E5C83E0C9ED8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*", matchCriteriaId: "C1B8EDFF-5683-4171-BA76-9B26CAE19FB1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*", matchCriteriaId: "022F28CD-4D6B-48AB-8E39-244E19D34F67", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*", matchCriteriaId: "16B5986E-1029-4D40-8012-1FF1615C929A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*", matchCriteriaId: "45439989-0D3B-4DCE-AB35-B63B1543CD59", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*", matchCriteriaId: "BBCD4F3C-8BD4-4367-B00C-A1379C158625", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*", matchCriteriaId: "12F2CFB7-5ACF-4328-B0F8-C3A981CAA368", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.15:*:*:*:*:*:*:*", matchCriteriaId: "CC3A72EF-FB1C-4CD8-B6C7-B7D60D6A14D3", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.16:*:*:*:*:*:*:*", matchCriteriaId: "14624E40-3CAA-45E5-BDF2-F08706FC68BF", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.17:*:*:*:*:*:*:*", matchCriteriaId: "E743ABC3-6F24-43E1-98E5-6F60BE975212", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.18:*:*:*:*:*:*:*", matchCriteriaId: "0BDA000C-A616-402B-B964-D5F4ADB6B550", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.19:*:*:*:*:*:*:*", matchCriteriaId: "62789464-0074-4009-B97B-665A21E0CC25", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.20:*:*:*:*:*:*:*", matchCriteriaId: "4B02B1BA-4E05-4AFD-B1F8-1CB54F2DC5B0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.21:*:*:*:*:*:*:*", matchCriteriaId: "95A77487-3ABD-40F5-9C98-49A65ED7F16D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.22:*:*:*:*:*:*:*", matchCriteriaId: "3911F202-5E7B-4DE3-90D9-07278923036B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.23:*:*:*:*:*:*:*", matchCriteriaId: "4CF1B6CF-3434-4874-9324-87D045511A13", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.24:*:*:*:*:*:*:*", matchCriteriaId: "133CA307-1B3A-4DBB-89F8-C780E4B1BA7C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.25:*:*:*:*:*:*:*", matchCriteriaId: "48CD2EAB-A10E-4C91-9D00-9F98BD63CA1A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.26:*:*:*:*:*:*:*", matchCriteriaId: "F97BE4C9-E7FC-44FE-9F11-7776BCD6E81F", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.27:*:*:*:*:*:*:*", matchCriteriaId: "D97EAF12-679B-4494-871F-0074ABD0E20B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.0.28:*:*:*:*:*:*:*", matchCriteriaId: "70F58963-0C56-4228-B9DC-1EA54DA8070D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "D91451B0-301B-430D-9D77-00F4AE91C10A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "6917AC57-F49D-4EFC-920C-CCAFDF6174B0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "E7ACCE21-A19D-4BE5-9BED-30C5A7418719", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*", matchCriteriaId: "344CCDAD-64EC-419C-995B-51F922AB9E39", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*", matchCriteriaId: "49DB8FC4-F84A-47FD-9586-CF02761152A5", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*", matchCriteriaId: "A1B43AF4-E52B-46EA-81CF-D4DCAE82E7DD", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*", matchCriteriaId: "D57BDDEB-090D-472C-9FB6-4555429860E5", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.7:*:*:*:*:*:*:*", matchCriteriaId: "6CB23D13-94D2-4FAE-AB76-8574E35E02AD", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.8:*:*:*:*:*:*:*", matchCriteriaId: "D45B0F5E-B4E1-471E-8CDD-85E09837839F", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.9:*:*:*:*:*:*:*", matchCriteriaId: "F430F4C6-A738-4E02-BE76-041F71335E62", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.10:*:*:*:*:*:*:*", matchCriteriaId: "F272E2DC-7E54-4034-B7BA-30966D57CDFA", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.11:*:*:*:*:*:*:*", matchCriteriaId: "64EE97BB-D0EE-444A-96FA-D127892216F3", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.12:*:*:*:*:*:*:*", matchCriteriaId: "FB28F388-DE19-4C25-A838-949CA926C31A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.13:*:*:*:*:*:*:*", matchCriteriaId: "33DCAA09-7E8C-4C3E-901F-641681AA9E3C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.14:*:*:*:*:*:*:*", matchCriteriaId: "435C588C-A478-4FB8-A47D-2605CB39C331", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.15:*:*:*:*:*:*:*", matchCriteriaId: "9EDDABF3-ECA6-433E-A7D6-8E13F0C6433B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.16:*:*:*:*:*:*:*", matchCriteriaId: "0142E0D7-85DD-413B-B176-2FB5E12C2FE0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.17:*:*:*:*:*:*:*", matchCriteriaId: "780D6C0C-2B20-425E-B15E-EE1AF9F28B31", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.18:*:*:*:*:*:*:*", matchCriteriaId: "DC2D3896-E095-4889-A9D1-6D8EB2882D64", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.19:*:*:*:*:*:*:*", matchCriteriaId: "C3CCDF3A-BEAB-4DA2-A15A-A855FFFD415A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.20:*:*:*:*:*:*:*", matchCriteriaId: "425F7D5B-EE8A-46EC-B986-414FB90702C6", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.21:*:*:*:*:*:*:*", matchCriteriaId: "9BC83E92-882B-4984-80FC-FAB7F5CD52E9", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.22:*:*:*:*:*:*:*", matchCriteriaId: "8AFAAACF-FD4A-4B1C-A35A-E11189DE2F85", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.23:*:*:*:*:*:*:*", matchCriteriaId: "A62B585C-2FC8-448F-97E7-CAC59548B03A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.24:*:*:*:*:*:*:*", matchCriteriaId: "07815863-DBCF-41E9-A459-9CE57B74E489", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.25:*:*:*:*:*:*:*", matchCriteriaId: "F826F2B5-F00A-44FE-9229-B4597017DE9E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.26:*:*:*:*:*:*:*", matchCriteriaId: "A4E4F6F8-80F3-433D-B702-9DEF6D375A64", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.1.27:*:*:*:*:*:*:*", matchCriteriaId: "1BE75031-0B8B-44A7-B541-F395BE7AF473", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "827A375E-8045-4A81-AB7C-11A89E862518", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "BEC1076D-2249-406B-9D43-B24764BBE007", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F039CD91-0FF6-4640-B981-20A3F9384A1C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.3:*:*:*:*:*:*:*", matchCriteriaId: "8008DADD-DB6C-4C67-B333-0DC4C7152B2A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.4:*:*:*:*:*:*:*", matchCriteriaId: "BC9E811B-4EED-4B6A-8836-5405F7F5A53D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.5:*:*:*:*:*:*:*", matchCriteriaId: "567E66B1-53D9-4A80-A938-2FE5C7CEB985", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.6:*:*:*:*:*:*:*", matchCriteriaId: "AA2186BE-288F-40FD-B634-76D14578E252", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.7:*:*:*:*:*:*:*", matchCriteriaId: "773043EA-8C41-4F42-9702-660FD6822FD9", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.8:*:*:*:*:*:*:*", matchCriteriaId: "37E05061-D666-492E-AF2B-CF30FC2FA759", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A22BC2E4-A2A5-4637-A9B9-9E68FC982BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.9:*:*:*:*:*:*:*", matchCriteriaId: "68DF059C-4C1D-4B9C-993E-1C4D3510471C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.10:*:*:*:*:*:*:*", matchCriteriaId: "8E9A21B6-4A22-4801-8023-45F39EC02576", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.11:*:*:*:*:*:*:*", matchCriteriaId: "2EA5F76C-3524-4E80-985F-FC74DD20B5E8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.12:*:*:*:*:*:*:*", matchCriteriaId: "FCB890F0-3126-4FDD-8162-AC28754D3D05", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.12.1:*:*:*:*:*:*:*", matchCriteriaId: "35CAA298-D755-4668-A568-439532DF7A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.13:*:*:*:*:*:*:*", matchCriteriaId: "13B53422-C666-4140-BF8A-EEDB8AC95A70", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.14:*:*:*:*:*:*:*", matchCriteriaId: "E6B1861D-61C3-469E-B37F-B76758626BCB", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.15:*:*:*:*:*:*:*", matchCriteriaId: "07517D8A-C31B-4F4E-87A0-3239F88015DF", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.16:*:*:*:*:*:*:*", matchCriteriaId: "1736E9EB-AC26-44D7-99EB-99CC1F596CB9", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.17:*:*:*:*:*:*:*", matchCriteriaId: "E94E55DE-7CCB-4C91-BBB3-9D11FF5F9440", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.18:*:*:*:*:*:*:*", matchCriteriaId: "E03D0521-C985-4A2C-A848-43BE614F9113", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.2.19:*:*:*:*:*:*:*", matchCriteriaId: "9AFBDD69-430C-4312-8B28-4A51FB4BC8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*", matchCriteriaId: "BE31FE31-3F85-41F3-9DCB-58A090E63DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.0:pre0:*:*:*:*:*:*", matchCriteriaId: "18A0842D-2CAC-4372-80D0-68BCCC28C7BF", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A91948CE-E418-4450-AB62-9078D3A0FBEE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "D34267DC-A768-4A0F-BB54-74314B70E4F9", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.3:*:*:*:*:*:*:*", matchCriteriaId: "160B3AD7-37A3-4A01-B1CD-83E6500E145A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.4:*:*:*:*:*:*:*", matchCriteriaId: "BCE61F19-A2C3-4FE9-9C5A-D1FB949B6CEE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.5:*:*:*:*:*:*:*", matchCriteriaId: "5EDFE7E2-12FC-4819-8615-F76A312E8BEE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.6:*:*:*:*:*:*:*", matchCriteriaId: "4993D25F-607B-4486-B9EC-566A1EEBE73B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.7:*:*:*:*:*:*:*", matchCriteriaId: "9FEF4D26-DD0C-4E67-8901-8B38A51C1FED", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.8:*:*:*:*:*:*:*", matchCriteriaId: "49CE4BAE-77EC-469D-9FE2-A807B7E2EC64", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:gnutls:3.3.9:*:*:*:*:*:*:*", matchCriteriaId: "7921C926-450B-4EFF-B610-B8B8FD17AE1A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.", }, { lang: "es", value: "La función _gnutls_ecc_ansi_x963_export en gnutls_ecc.c en GnuTLS 3.x anterior a 3.1.28, 3.2.x anterior a 3.2.20, y 3.3.x anterior a 3.3.10 permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango) a través de un certificado malicioso ECC de tipo (1) curva elíptica criptográfica o (2) peticiones de solicitudes de firma de certificado (CSR), relacionado con la generación de key IDs.", }, ], id: "CVE-2014-8564", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-11-13T21:32:13.427", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1846.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/59991", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/62284", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/62294", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2403-1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1846.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59991", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/62284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/62294", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2403-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| debian | debian_linux | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, { lang: "es", value: "La función tt_cmap4_validate en sfnt/ttcmap.c en FreeType anterior a 2.5.4 valida cierto campo de longitud antes de que el valor de este campo está calculado completamente, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una tabla SFNT cmap manipulada.", }, ], id: "CVE-2014-9663", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:25.490", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=184", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-08 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3F34F463-6350-4F48-B037-856DDBB1A4FE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B2C813BA-B8F9-446B-A07F-B51F26815578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3DF4080D-0D95-429E-88AA-1051A5520C01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "CF50F098-A055-4B79-AC35-6BD6F32D70F2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "540461D4-87F4-42AB-ADDC-C7A067FE2893", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", matchCriteriaId: "3E676744-C623-4894-8764-43588E56D2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", matchCriteriaId: "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", matchCriteriaId: "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", matchCriteriaId: "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", matchCriteriaId: "034D1C36-B73E-443E-A6B4-44CC6E7BC043", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", matchCriteriaId: "6D373245-8384-45E4-BE2E-E0518BD7F84F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", matchCriteriaId: "EED44413-D313-4588-9A4B-25F79D0925A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C193EB08-BBC2-43A2-B11A-9C7E2098862D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", matchCriteriaId: "022A5BCE-A1DC-48E2-829D-AD9261562095", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", matchCriteriaId: "155F83A1-A04A-48C0-A801-B38F129F310F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", matchCriteriaId: "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", matchCriteriaId: "27A15D05-29BA-4CCC-9348-A516E1E2C079", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*", matchCriteriaId: "2004B474-9869-445D-957D-20EF254FB461", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*", matchCriteriaId: "8F91A5E0-0DD8-47DD-B52E-A15E8064945F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*", matchCriteriaId: "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*", matchCriteriaId: "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*", matchCriteriaId: "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*", matchCriteriaId: "3194C6CE-3E8A-4861-AED1-942824974AE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8D102460-B5D5-46C4-8021-7C3510A5FCF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "92265E60-7BBF-4E8E-A438-4132D8FD57BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "346DE008-472F-47E1-8B96-F968C7D0A003", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "4C9BDB22-29E0-48A3-8765-FAC6A3442A35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*", matchCriteriaId: "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*", matchCriteriaId: "F63AB9E5-FD99-40A8-B24F-623BDDBCA427", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*", matchCriteriaId: "B0B873C1-E7D6-4E55-A5A7-85000B686071", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*", matchCriteriaId: "87D2E8DD-4225-476A-AF17-7621C9A28391", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*", matchCriteriaId: "40D913E2-0FBD-4F6C-8A21-43A0681237BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*", matchCriteriaId: "4B869CEB-7637-48C3-8A4C-171CFB766B97", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*", matchCriteriaId: "75CF5BC1-7071-48A3-86A9-C843485CAED5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*", matchCriteriaId: "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*", matchCriteriaId: "200DB058-C9F0-4983-AF99-EBB8FC2E7875", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*", matchCriteriaId: "57697AAD-5264-4C05-89E4-0228DEF2E9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*", matchCriteriaId: "24295270-DCBF-4FF3-88F7-E9A30B6388E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*", matchCriteriaId: "22E754F2-5D3D-437E-BB15-693D2EB58DA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*", matchCriteriaId: "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*", matchCriteriaId: "A3256F8C-2CA8-43B5-96E5-794113FF531B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*", matchCriteriaId: "593F15F7-E610-458B-B094-BF6AC53B719A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EC0E7811-3B60-46E7-943C-E0E7ED00FB01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "50D26799-D038-470A-A468-58DBDB64A7E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D3769BD6-B104-4F74-B8C4-89398A8894FB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9757DD5E-42A6-44B8-9692-49690F60C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "A7B5A014-D4EE-4244-AABA-0873492F7295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "CD9F8C2A-A94E-4D99-839B-47AAE8754191", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*", matchCriteriaId: "69D29A9E-DB23-4D86-B4A3-3C4F663416AD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*", matchCriteriaId: "D86AEE89-9F8E-43A5-A888-F421B10DB2C7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*", matchCriteriaId: "D335628F-EC07-43BE-9B29-3365A6F64D71", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*", matchCriteriaId: "D4EF7D71-3AAF-4112-831A-3538C5B82594", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.11:*:*:*:*:*:*:*", matchCriteriaId: "89835508-F72F-4D8A-8E4A-5CFAA5F90C24", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:7.0:*:*:*:*:*:*:*", matchCriteriaId: "7344422F-F65A-4000-A9EF-8D323DA29011", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.", }, { lang: "es", value: "Los servidores (1) mod_dav_svn yd (2) svnserve en Subversion 1.6.0 hasta 1.7.19 y 1.8.0 hasta 1.8.11 permiten a atacantes remotos causar una denegación de servicio (fallo de aserción y abortar) a través de combinaciones de parámetros relacionadas con números de revisión evaluados dinámicamente.", }, ], id: "CVE-2015-0248", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-08T18:59:01.827", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3231", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74260", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033214", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3231", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201610-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205217", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-19 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| selinux_project | selinux | - | |
| fedoraproject | fedora | 25 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:selinux_project:selinux:-:*:*:*:*:*:*:*", matchCriteriaId: "4C42EBCF-BAC2-43F9-945A-E95A1B1B9078", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", matchCriteriaId: "772E9557-A371-4664-AE2D-4135AAEB89AA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.", }, { lang: "es", value: "SELinux policycoreutils permite a usuarios locales ejecutar comandos arbitrarios fuera de la sandbox a través de una llamada ioctl TIOCSTI manipulada.", }, ], id: "CVE-2016-7545", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-19T20:59:00.533", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2702.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0535.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0536.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/25/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93156", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1037283", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://marc.info/?l=selinux&m=147465160112766&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2702.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0535.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0536.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/25/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://marc.info/?l=selinux&m=147465160112766&w=2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | tvos | * | |
| apple | watchos | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| xmlsoft | libxml2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "080450EA-85C1-454D-98F9-5286D69CF237", versionEndIncluding: "9.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", versionEndIncluding: "10.11.3", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", matchCriteriaId: "B7CF16CB-120B-4FC0-B7A2-2FCD3324EA8A", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", matchCriteriaId: "FBF14807-BA21-480B-9ED0-A6D53352E87F", versionEndIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en la función xmlGROW en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible de la memoria de proceso a través de vectores no especificados.", }, ], id: "CVE-2015-7499", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:03.930", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/79509", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034243", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201701-37", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/79509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT206169", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2a | |
| openssl | openssl | 1.0.2b | |
| openssl | openssl | 1.0.2c | |
| openssl | openssl | 1.0.2d | |
| openssl | openssl | 1.0.2e | |
| openssl | openssl | 1.0.2f | |
| openssl | openssl | 1.0.2g | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F608A0-78BE-4F17-9E41-70933E52B3C7", versionEndIncluding: "1.0.1s", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", matchCriteriaId: "6FAA3C31-BD9D-45A9-A502-837FECA6D479", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", matchCriteriaId: "6455A421-9956-4846-AC7C-3431E0D37D23", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", matchCriteriaId: "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", matchCriteriaId: "9B89180B-FB68-4DD8-B076-16E51CC7FB91", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", matchCriteriaId: "4C986592-4086-4A39-9767-EF34DBAA6A53", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", matchCriteriaId: "7B23181C-03DB-4E92-B3F6-6B585B5231B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", matchCriteriaId: "94D9EC1C-4843-4026-9B05-E060E9391734", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*", matchCriteriaId: "B066401C-21CF-4BE9-9C55-C9F1E0C7BE3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.", }, { lang: "es", value: "Desbordamiento de entero en la función EVP_EncryptUpdate en crypto/evp/evp_enc.c en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) a través de una gran cantidad de datos.", }, ], id: "CVE-2016-2106", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T01:59:02.217", references: [ { source: "secalert@redhat.com", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/89744", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/91787", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1035721", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "secalert@redhat.com", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3f3582139fbb259a1c3cbb0a25236500a409bf26", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "secalert@redhat.com", url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { source: "secalert@redhat.com", url: "https://support.apple.com/HT206903", }, { source: "secalert@redhat.com", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "secalert@redhat.com", url: "https://www.tenable.com/security/tns-2016-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/89744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3f3582139fbb259a1c3cbb0a25236500a409bf26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.tenable.com/security/tns-2016-18", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libarchive | libarchive | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| oracle | solaris | 11.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6EFED3-4FD3-413D-85C2-73F746F346E8", versionEndIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.", }, { lang: "es", value: "Desbordamiento de entero en el analizador ISO en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un archivo ISO manipulado.", }, ], id: "CVE-2016-5844", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:16.550", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/06/23/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/06/24/4", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91808", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.securitytracker.com/id/1036173", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://github.com/libarchive/libarchive/issues/717", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/06/23/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2016/06/24/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91808", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.securitytracker.com/id/1036173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://github.com/libarchive/libarchive/issues/717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| libarchive | libarchive | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "6A6EFED3-4FD3-413D-85C2-73F746F346E8", versionEndIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.", }, { lang: "es", value: "La función archive_read_format_cpio_read_header en archive_read_support_format_cpio.c en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos provocar denegación de servicio (caída de aplicación) a través de un archivo CPIO con un enlace simbólico grande.", }, ], id: "CVE-2016-4809", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:05.610", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91813", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/fd7e0c02", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/705", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/fd7e0c02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/issues/705", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-15 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| linuxfoundation | foomatic-filters | * | |
| oracle | linux | 6 | |
| redhat | enterprise_linux | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:*:*:*:*:*:*:*:*", matchCriteriaId: "447572C1-7B88-49BB-BDF5-FAB3DB6852C3", versionEndIncluding: "4.0.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en la función unhtmlify en foomatic-rip en foomatic-filters en versiones anteriores a 4.0.6 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída) o posiblemente ejecutar código arbitrario a través de un título de trabajo largo.", }, ], id: "CVE-2010-5325", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-15T14:59:00.113", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/7", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "cve@mitre.org", url: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-06-27 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 16.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "F3382F51-B4F6-4FFA-A328-B64DA8E8403E", versionEndExcluding: "3.12.60", versionStartIncluding: "3.7", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "93999649-D40C-4114-9A09-89B4DAF469F6", versionEndExcluding: "3.16.36", versionStartIncluding: "3.13", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "56806170-9BCD-4160-A14A-558EFAB98EC8", versionEndExcluding: "3.18.54", versionStartIncluding: "3.17", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "BE1C880D-2740-4899-9DD1-341C600F5F92", versionEndExcluding: "4.4.21", versionStartIncluding: "3.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.", }, { lang: "es", value: "Desbordamiento de entero en lib/asn1_decoder.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios a través de datos ASN.1 manipulados.", }, ], evaluatorComment: "CWE-190: Integer Overflow or Wraparound", id: "CVE-2016-0758", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-06-27T10:59:02.313", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1033.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1051.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1055.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/12/9", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/90626", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2979-4", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1300257", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/12/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/90626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2979-4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1300257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-08 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.", }, { lang: "es", value: "Servidor de directorios en Red Hat Enterprise Linux de escritorio 6 a 7, Red Hat Enterprise Linux HPC de nodo 6 a 7, Servidor 6 a 7 de Red Hat Enterprise Linux y Red Hat Enterprise Linux Estación de trabajo 6 a 7 permite a atacantes remotos inferir la existencia del componente RDN objetos.", }, ], id: "CVE-2016-4992", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-08T19:29:00.260", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347760", }, { source: "secalert@redhat.com", url: "https://github.com/389ds/389-ds-base/commit/0b932d4b926d46ac5060f02617330dc444e06da1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347760", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/389ds/389-ds-base/commit/0b932d4b926d46ac5060f02617330dc444e06da1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-11-07 19:55
Modified
2025-04-12 10:46
Severity ?
Summary
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| qemu | qemu | 2.0.0 | |
| qemu | qemu | 2.0.0 | |
| qemu | qemu | 2.0.0 | |
| qemu | qemu | 2.0.0 | |
| qemu | qemu | 2.0.0 | |
| qemu | qemu | 2.0.2 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.0 | |
| qemu | qemu | 2.1.1 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:qemu:qemu:2.0.0:-:*:*:*:*:*:*", matchCriteriaId: "4745807B-A01D-41AE-8996-495176489A63", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*", matchCriteriaId: "D583599F-AE5E-40E4-8489-62FD1D0A7845", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.0.0:rc1:*:*:*:*:*:*", matchCriteriaId: "DE70D9B7-F422-455F-8413-CF34342B22AB", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.0.0:rc2:*:*:*:*:*:*", matchCriteriaId: "E3946C39-A3D1-4E2B-9C7D-0654D9A644EA", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.0.0:rc3:*:*:*:*:*:*", matchCriteriaId: "7F858FD1-58A3-46ED-A3C6-64ECEDF8E458", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "B3C61AE3-16C8-4EC6-B33D-7E331BEA8F0C", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A47A306F-4E42-467E-ACDA-62028DC93436", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:rc0:*:*:*:*:*:*", matchCriteriaId: "F7AE8D2A-FD6E-447F-BDC1-6CAAA0DDB9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:rc1:*:*:*:*:*:*", matchCriteriaId: "8E48B585-A3E2-45FC-AA92-5DB57180B7DC", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:rc2:*:*:*:*:*:*", matchCriteriaId: "B0D54B9C-8C30-4186-A526-CE8AEE6252BA", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:rc3:*:*:*:*:*:*", matchCriteriaId: "E2F698F7-74B9-4C20-817D-1E8B92460E2D", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.0:rc5:*:*:*:*:*:*", matchCriteriaId: "C4B9D60F-DC78-4270-A41D-3C29FF53F4AA", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "DFAF4478-81BE-4891-8C13-0A8D8FEE46A7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.", }, { lang: "es", value: "La función sosendto en slirp/udp.c en QEMU anterior a 2.1.2 permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo) mediante el envió de un paquete udp con un valor de 0 en el pueto y dirección de la fuente, lo que provoca el acceso a un socket no inicializado.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-3640", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-11-07T19:55:02.713", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0349.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0624.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-3044", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3045", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2409-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1144818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0349.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0624.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-3044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3045", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2409-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1144818", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:subversion:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D75936BB-5BE4-4B8C-B2A0-2BE13B713AE8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BFCE3B89-46A6-4D1F-AFB3-FCB6C3B66245", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E4DFB08D-01C2-4D95-8EB2-81F5C27AC656", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "A3625A8E-A326-4DCE-9CFB-B0E38FC54B6E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "106C86D0-84D9-4F44-821F-FD0D49EB32E7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "156DD5C1-C2C3-4AD7-B432-79CC3EC32B63", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "75551DEC-A2BE-453D-9ABA-B3041A2607C0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CB5A2F0A-E06E-40C6-98C1-4343AA9C2EFF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "0FC70E13-59B6-4A75-9AF0-D38CCAB2D117", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.0.9:*:*:*:*:*:*:*", matchCriteriaId: "8316A374-3E3E-4FBA-AB57-9244812C8E2D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0EB42901-B207-4B41-B09C-91153A19C7D5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E3DA7ADC-6A81-4250-B6E1-4E4425156941", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "83D766B5-5F07-44F1-A488-127D18510989", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "2C8479EC-930C-47DB-9A02-E7B2F9101E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D1D47331-B23A-4A6E-8F14-74628F0E1846", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "C9E2C35C-FEBA-4525-8A38-9C170B34FA07", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A098CEF5-04BE-48C0-8414-AFC9D03771E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C39739A0-8C23-4167-B63D-1000F9D3B684", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "0FD13E19-4B9C-4DBD-9339-7BFE5377689F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "35C2CFEF-2F6D-4F9A-9DDF-4CC6448BADC8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "6D04C072-7D90-428F-A226-BAD0105D22B7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "856959BA-9945-4AA8-95D3-B3752C0D895D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "13109084-931E-4565-BEE5-794B83E6978D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "4ED3EA46-88F7-438D-B8FC-D6C5E1C8984C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "726B9C10-ACD5-41C2-A552-FD0046A75966", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "87D72A75-EDB9-4AD1-B6FC-8A918804DE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "B55A7A26-C994-4956-BBE7-BF3A51971295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "FB9E26AB-915A-477F-BA5C-10965A7098F9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "DFD49A9B-16A7-4362-8D62-6EB5ECBE4296", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "7B0CB798-F4ED-44E5-9B15-B7009EAC6303", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6E5C-CF55-4CEB-A5B6-D49E0234FF3F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C2C1DD29-88D2-49DE-9B77-D925A4B9EB7E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "67130DAF-AE81-43D2-A208-58A53746A7E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "FB9F8426-38CB-46B4-B0D0-8D16B48DD53F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "90631FFA-9AB2-483D-B162-31A47428D280", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "8BD5A981-3FDD-4E74-8EB2-5F324246FFF5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.7:*:*:*:*:*:*:*", matchCriteriaId: "88F4E8C9-671B-4DA3-9D0D-98539D8D4FE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.5.8:*:*:*:*:*:*:*", matchCriteriaId: "341F900B-5179-4CB4-9F41-91B58B29C414", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "3F34F463-6350-4F48-B037-856DDBB1A4FE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "B2C813BA-B8F9-446B-A07F-B51F26815578", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3DF4080D-0D95-429E-88AA-1051A5520C01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "CF50F098-A055-4B79-AC35-6BD6F32D70F2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.4:*:*:*:*:*:*:*", matchCriteriaId: "540461D4-87F4-42AB-ADDC-C7A067FE2893", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.5:*:*:*:*:*:*:*", matchCriteriaId: "3E676744-C623-4894-8764-43588E56D2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.6:*:*:*:*:*:*:*", matchCriteriaId: "669735D1-1C14-4CD7-AA7C-AD2CA63A1979", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.7:*:*:*:*:*:*:*", matchCriteriaId: "D4C568FD-54BC-4506-AF60-BFE7CE14D0F5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.8:*:*:*:*:*:*:*", matchCriteriaId: "D5F71F24-D909-49D9-8B4F-FA757FDF1C25", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.9:*:*:*:*:*:*:*", matchCriteriaId: "034D1C36-B73E-443E-A6B4-44CC6E7BC043", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.10:*:*:*:*:*:*:*", matchCriteriaId: "6D373245-8384-45E4-BE2E-E0518BD7F84F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.11:*:*:*:*:*:*:*", matchCriteriaId: "EED44413-D313-4588-9A4B-25F79D0925A3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.12:*:*:*:*:*:*:*", matchCriteriaId: "C193EB08-BBC2-43A2-B11A-9C7E2098862D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.13:*:*:*:*:*:*:*", matchCriteriaId: "022A5BCE-A1DC-48E2-829D-AD9261562095", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.14:*:*:*:*:*:*:*", matchCriteriaId: "155F83A1-A04A-48C0-A801-B38F129F310F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.15:*:*:*:*:*:*:*", matchCriteriaId: "302DC06D-5FB1-4EF9-B5E1-6407B88D65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.16:*:*:*:*:*:*:*", matchCriteriaId: "27A15D05-29BA-4CCC-9348-A516E1E2C079", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.17:*:*:*:*:*:*:*", matchCriteriaId: "2004B474-9869-445D-957D-20EF254FB461", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.18:*:*:*:*:*:*:*", matchCriteriaId: "8F91A5E0-0DD8-47DD-B52E-A15E8064945F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.19:*:*:*:*:*:*:*", matchCriteriaId: "9C34BE8D-6DFF-4E57-971C-8CCEF13E6500", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.20:*:*:*:*:*:*:*", matchCriteriaId: "2CDBC5BA-6A3C-4DB9-BE16-83A4EB85100C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.21:*:*:*:*:*:*:*", matchCriteriaId: "DF1B4950-4D56-47A2-BCE8-FB3714EA1B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.6.23:*:*:*:*:*:*:*", matchCriteriaId: "3194C6CE-3E8A-4861-AED1-942824974AE0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "8D102460-B5D5-46C4-8021-7C3510A5FCF3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "92265E60-7BBF-4E8E-A438-4132D8FD57BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "346DE008-472F-47E1-8B96-F968C7D0A003", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "4C9BDB22-29E0-48A3-8765-FAC6A3442A35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.4:*:*:*:*:*:*:*", matchCriteriaId: "FA5EB3A7-DE33-42CB-9B5E-646B9D4FFBFB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.5:*:*:*:*:*:*:*", matchCriteriaId: "F63AB9E5-FD99-40A8-B24F-623BDDBCA427", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.6:*:*:*:*:*:*:*", matchCriteriaId: "0CEA6C3E-C41B-4EF9-84E1-72BC6B72D1C6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.7:*:*:*:*:*:*:*", matchCriteriaId: "B0B873C1-E7D6-4E55-A5A7-85000B686071", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.8:*:*:*:*:*:*:*", matchCriteriaId: "87D2E8DD-4225-476A-AF17-7621C9A28391", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.9:*:*:*:*:*:*:*", matchCriteriaId: "40D913E2-0FBD-4F6C-8A21-43A0681237BB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.10:*:*:*:*:*:*:*", matchCriteriaId: "4B869CEB-7637-48C3-8A4C-171CFB766B97", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.11:*:*:*:*:*:*:*", matchCriteriaId: "75CF5BC1-7071-48A3-86A9-C843485CAED5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.12:*:*:*:*:*:*:*", matchCriteriaId: "9EB23250-EBD2-4A5F-BF5E-1DAE1A64EF0E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.13:*:*:*:*:*:*:*", matchCriteriaId: "200DB058-C9F0-4983-AF99-EBB8FC2E7875", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.14:*:*:*:*:*:*:*", matchCriteriaId: "57697AAD-5264-4C05-89E4-0228DEF2E9DF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.15:*:*:*:*:*:*:*", matchCriteriaId: "24295270-DCBF-4FF3-88F7-E9A30B6388E3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.16:*:*:*:*:*:*:*", matchCriteriaId: "22E754F2-5D3D-437E-BB15-693D2EB58DA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.17:*:*:*:*:*:*:*", matchCriteriaId: "CF4232D2-1F70-4A06-BD11-A0DFE6CE0744", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.18:*:*:*:*:*:*:*", matchCriteriaId: "A3256F8C-2CA8-43B5-96E5-794113FF531B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.7.19:*:*:*:*:*:*:*", matchCriteriaId: "593F15F7-E610-458B-B094-BF6AC53B719A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EC0E7811-3B60-46E7-943C-E0E7ED00FB01", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "A57A3347-6C48-4803-AB4E-A4BC0E6BFA41", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "50D26799-D038-470A-A468-58DBDB64A7E6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "D3769BD6-B104-4F74-B8C4-89398A8894FB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "9757DD5E-42A6-44B8-9692-49690F60C8D1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "A7B5A014-D4EE-4244-AABA-0873492F7295", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "CD9F8C2A-A94E-4D99-839B-47AAE8754191", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*", matchCriteriaId: "69D29A9E-DB23-4D86-B4A3-3C4F663416AD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*", matchCriteriaId: "D86AEE89-9F8E-43A5-A888-F421B10DB2C7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*", matchCriteriaId: "D4EF7D71-3AAF-4112-831A-3538C5B82594", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:6.1.1:*:*:*:*:*:*:*", matchCriteriaId: "81EE9433-C21F-4902-B37E-CF4FC1132B72", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.", }, { lang: "es", value: "El módulo mod_dav del servidor Apache HTTPD en Apache Subversion 1.7.x anterior a 1.7.19 y 1.8.x anterior a 1.8.11 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída) a través de una petición a una URI que dispara una búsqueda para un nombre de transacción virtual que no existe.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-8108", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-18T15:59:01.350", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/61131", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/71725", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/61131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/71725", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT204427", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| apple | mac_os_x | * | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "6773B830-647B-4DCA-ABAF-BCF414C4F07C", versionEndIncluding: "5.4.38", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a \"type confusion\" issue.", }, { lang: "es", value: "El método SoapClient::__call en ext/soap/soap.c en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 no verifica que __default_headers es un array, lo que permite a atacantes remotos ejecutar código arbitrario mediante la provisión de datos serializados manipulados con un tipo de datos no esperado, relacionado con un problema de 'confusión de tipo'.", }, ], id: "CVE-2015-4147", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:09.503", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/73357", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032459", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69085", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/73357", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "6773B830-647B-4DCA-ABAF-BCF414C4F07C", versionEndIncluding: "5.4.38", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a \"type confusion\" issue.", }, { lang: "es", value: "La función do_soap_call en ext/soap/soap.c en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 no verifica que la propiedad uri es una cadena, lo que permite a atacantes remotos obtener información sensible mediante la provisión de datos serializados manipulados con un tipo de datos int, relacionados con un problema de 'confusión de tipo'.", }, ], id: "CVE-2015-4148", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:10.487", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/75103", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032459", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69085", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4", versionEndIncluding: "5.4.40", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*", matchCriteriaId: "14D652D3-59BB-4BCA-95E4-87A8102154CA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, { lang: "es", value: "La implementación pcntl_exec en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 trunca un nombre de ruta al encontrar un caracter \\x00, lo que podría permitir a atacantes remotos evadir las restricciones de extensión y ejecutar ficheros con nombres no esperados a través de un argumento inicial manipulado. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2006-7243.", }, ], id: "CVE-2015-4026", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:08.597", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/75056", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032431", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=68598", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=68598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-19", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-12-19 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mageia | mageia | 4.0 | |
| redhat | libvirt | - | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F805A106-9A6F-48E7-8582-D3C5A26DFC11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:libvirt:-:*:*:*:*:*:*:*", matchCriteriaId: "FED07429-2F89-4903-99EF-C153CD0FC59E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.", }, { lang: "es", value: "Las funciones (1) qemuDomainMigratePerform y (2) qemuDomainMigrateFinish2 en qemu/qemu_driver.c en libvirt no desbloquea el dominio cuando una comprobación de ACL falla, lo que permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar.", }, ], id: "CVE-2014-8136", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-19T15:59:10.377", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0002.html", }, { source: "secalert@redhat.com", url: "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/61111", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:023", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/61111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-09-08 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| spice_project | spice | 0.12.4 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:spice_project:spice:0.12.4:*:*:*:*:*:*:*", matchCriteriaId: "B9120288-1454-4ED9-AFD2-FCA52B92E761", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.", }, { lang: "es", value: "Vulnerabilidad de condición de carrera en la función worker_update_monitors_config en SPICE 0.12.4, permite a usuarios remotos autenticados invitados causar una denegación de servicio (corrupción de memoria dinámica y caída de QEMU-KVM) o posiblemente ejecutar código arbitrario en el host a través de vectores no especificados.", }, ], id: "CVE-2015-3247", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-09-08T15:59:02.720", references: [ { source: "secalert@redhat.com", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1714.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1715.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3354", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033459", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033460", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1033753", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2736-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1714.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1715.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3354", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1033753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2736-1", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-17 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0BD0822E-225D-4534-A6F7-D8E442432CA1", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D31E4828-5DF6-47E7-86AE-CD03259D1E37", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "EF3DD5E3-C304-4519-BE45-F20276E0DB7A", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.3:*:*:*:*:*:*:*", matchCriteriaId: "1D5FB154-6600-4CE1-9811-5BC672D68991", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.4:*:*:*:*:*:*:*", matchCriteriaId: "01CE79DA-B5C3-4923-B941-95C4717C8BE9", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.5:*:*:*:*:*:*:*", matchCriteriaId: "307F7310-F34B-4CEC-B81B-33899006E882", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.6:*:*:*:*:*:*:*", matchCriteriaId: "9D7CC46F-8875-4630-9B1A-278E94A2CD47", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.7:*:*:*:*:*:*:*", matchCriteriaId: "5CB351C4-66F2-4DAE-A34D-E5B2237F1887", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.8:*:*:*:*:*:*:*", matchCriteriaId: "9182A35A-C31C-4C8D-917A-C2B2231364AC", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.9:*:*:*:*:*:*:*", matchCriteriaId: "63EBEA36-790A-454D-B29F-996D0C0204FC", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.10:*:*:*:*:*:*:*", matchCriteriaId: "22E3EC4A-48AE-4039-974D-4D5BE0598A79", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.11:*:*:*:*:*:*:*", matchCriteriaId: "FCB8C32D-C84B-4D0D-A145-562904B94C61", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.12:*:*:*:*:*:*:*", matchCriteriaId: "66D52942-C9DA-46CF-B066-B2D569EAD5AB", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.13:*:*:*:*:*:*:*", matchCriteriaId: "F54BE2F2-226D-4EAE-BBE3-8B042E2B3914", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.14:*:*:*:*:*:*:*", matchCriteriaId: "4CFE1F4C-3476-4C43-99E7-41846BAE6544", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.15:*:*:*:*:*:*:*", matchCriteriaId: "910858E2-1083-4F9F-827D-E0F8EBA6C1A4", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.16:*:*:*:*:*:*:*", matchCriteriaId: "CB713EAA-C0CB-464B-B9B4-40D9718B9106", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.17:*:*:*:*:*:*:*", matchCriteriaId: "6C285215-4125-44E4-A1EC-A2BA92F88251", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*", matchCriteriaId: "68650F82-F655-4008-85EF-E86C02D9944D", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*", matchCriteriaId: "23CA8354-40A7-4E01-AA8A-8200A34EA2BD", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*", matchCriteriaId: "26EA706E-DE8C-404F-BE45-99E0E8C1D0BF", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*", matchCriteriaId: "BC53B1B4-00F9-48B3-903F-D49F1E66668D", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*", matchCriteriaId: "41CAF5A3-CE18-424C-B1F5-B3B2763CE600", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*", matchCriteriaId: "98BACC25-D2CB-4347-BE7A-6A1238363C77", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*", matchCriteriaId: "53A4BE56-B7DD-494C-A770-3ED6C682D3AD", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*", matchCriteriaId: "4E062716-0141-4625-AA6F-FA560E49C100", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*", matchCriteriaId: "4A90DE61-E53B-487E-86A8-33C0E027F956", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*", matchCriteriaId: "0FCA7078-EB66-4950-A42E-AFA1C4884BF0", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*", matchCriteriaId: "F820B469-1F21-4E38-9632-3D909B115D51", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*", matchCriteriaId: "B6AA59E3-7FCE-408F-9A24-1E4D451BB15C", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*", matchCriteriaId: "3975A1BA-90A6-4E16-BA17-CFA62EDB017B", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*", matchCriteriaId: "42C8E1B5-9C65-4067-8FC6-63E286C7C5DD", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*", matchCriteriaId: "FD1F6317-6CC3-4B1B-8A2C-F131F20395FC", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*", matchCriteriaId: "90A028CB-53C4-4FA0-AB46-7FA6A5621D19", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*", matchCriteriaId: "BD5BDDFE-93CE-462E-B059-78AE7635491E", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*", matchCriteriaId: "12FAE5EA-91B4-4E3C-863D-BAFA832BD7E0", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*", matchCriteriaId: "ACA2135A-6BB7-4C44-94A9-61C3DAE3BFE4", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*", matchCriteriaId: "C011CFB5-66CF-4E9F-987B-497AF7F7D89C", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*", matchCriteriaId: "51BECA9A-9A4F-483D-B0F8-7EDF39653220", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*", matchCriteriaId: "144ADD44-7A0D-41CD-B9DD-8B0D55B30AE8", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*", matchCriteriaId: "3629070E-A703-42DC-92B5-192D1C4E965A", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*", matchCriteriaId: "BBADA027-AC75-48C1-A374-52D22C916DD7", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*", matchCriteriaId: "A860B37D-62CB-4421-8A7E-32E944D8BDF5", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*", matchCriteriaId: "816C584C-B1BE-4EF6-B524-4438006BD2C4", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*", matchCriteriaId: "1F3062CE-C2DC-4920-9C35-B793E0EE367C", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*", matchCriteriaId: "60466538-FEDC-4B88-B6DC-344770D5BEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*", matchCriteriaId: "30C5B79D-E24E-4D10-BA02-9CFD87C77B58", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.71:*:*:*:*:*:*:*", matchCriteriaId: "D32FAFD1-9E31-4D59-8B40-D6522566B85B", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.72:*:*:*:*:*:*:*", matchCriteriaId: "0359678E-7979-47F8-9583-A988211EEC79", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.73:*:*:*:*:*:*:*", matchCriteriaId: "A512A128-3906-4838-A932-29BA2C327957", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.74:*:*:*:*:*:*:*", matchCriteriaId: "23D7612C-445C-45B1-8320-1086972CA0B1", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.75:*:*:*:*:*:*:*", matchCriteriaId: "09E4C01C-B275-4092-AF25-803B219C4617", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.0.76:*:*:*:*:*:*:*", matchCriteriaId: "8B4D6B65-32AB-4845-9C26-F47E5824D4C3", vulnerable: true, }, { criteria: "cpe:2.3:a:linuxfoundation:cups-filters:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "AE3913DB-A23C-42EB-B04C-464270C3C1F1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.", }, { lang: "es", value: "Vulnerabilidad de lista negra incompleta en util.c en foomatic-rip en cups-filters 1.0.42 en versiones anteriores a 1.2.0 y en foomatic-filters en Foomatic 4.0.x permite a atacantes remotos ejecutar comandos arbitrarios a través de caracteres ` (acento grave) en un trabajo de impresión.", }, ], evaluatorComment: "<a href=\"https://cwe.mitre.org/data/definitions/184.html\">CWE-184: Incomplete Blacklist</a>", id: "CVE-2015-8327", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-17T19:59:05.590", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", }, { source: "cve@mitre.org", url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3411", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3429", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/78524", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2831-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2831-2", }, { source: "cve@mitre.org", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-printing/2015/11/msg00020.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-printing/2015/12/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3411", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3429", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/78524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2831-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2831-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-printing/2015/11/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-printing/2015/12/msg00001.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-11 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| setroubleshoot_project | setroubleshoot | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*", matchCriteriaId: "81FFD870-6377-4CE9-89C0-07EA99635370", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.", }, { lang: "es", value: "Setroubleshoot permite a los usuarios locales evitar un mecanismo de protección de contenedor previsto y ejecutar comandos arbitrarios al activar una denegación de SELinux con un nombre de archivo manipulado, que es manejado por la función _set_tpath en audit_data.py oa través de un (2) local_id o ( 3) campo analysis_id en un documento XML manipulado a la función run_fix en SetroubleshootFixit.py, relacionado con las funciones subprocess.check_output y commands.getstatusoutput, una vulnerabilidad diferente de CVE-2016-4445.", }, ], id: "CVE-2016-4989", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-11T18:59:00.353", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/574", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://securitytracker.com/id/1036144", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/574", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://securitytracker.com/id/1036144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| debian | debian_linux | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| php | php | * | |
| php | php | * | |
| php | php | * | |
| apple | mac_os_x | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "F02ECE02-6B6C-4B1E-A570-53BF94722DB8", versionEndExcluding: "5.4.40", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "B70DA5B9-36FC-44F1-A372-4A736D1CB043", versionEndExcluding: "5.5.22", versionStartIncluding: "5.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "E88B9450-0A63-4FEA-98FE-AE92F7E54AA9", versionEndExcluding: "5.6.6", versionStartIncluding: "5.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la función phar_rename_archive en phar_object.c en PHP anterior a 5.5.22 y 5.6.x anterior a 5.6.6 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan un intento de renombrar un archivo Phar al nombre de un fichero existente.", }, ], id: "CVE-2015-2301", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-30T10:59:10.630", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", ], url: "http://openwall.com/lists/oss-security/2015/03/15/6", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3198", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/73037", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1031949", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2535-1", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=68901", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", ], url: "http://openwall.com/lists/oss-security/2015/03/15/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3198", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/73037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1031949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2535-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=68901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-14 22:59
Modified
2025-04-12 10:46
Severity ?
Summary
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tigervnc | tigervnc | - | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*", matchCriteriaId: "79A8316C-BA22-441E-92AF-415AFABCEB76", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.", }, { lang: "es", value: "XRegion en TigerVNC permite a servidores VNC remotos provocar una denegación de servicio (referencia al puntero NULO) aprovechando un fallo en la comprobación de un valor de retorno malloc, un problema similar a CVE-2014-6052.", }, ], id: "CVE-2014-8241", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-14T22:59:00.200", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://seclists.org/oss-sec/2014/q4/278", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://seclists.org/oss-sec/2014/q4/300", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70390", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2015-2233.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://seclists.org/oss-sec/2014/q4/278", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://seclists.org/oss-sec/2014/q4/300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2015-2233.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F", versionEndIncluding: "10.6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*", matchCriteriaId: "06A4AE53-A477-4386-887C-4B7408575C23", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*", matchCriteriaId: "C8A2286E-9D1C-4B56-8B40-150201B818AF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*", matchCriteriaId: "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*", matchCriteriaId: "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", matchCriteriaId: "831B1114-7CA7-43E3-9A15-592218060A1F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", matchCriteriaId: "E8B0A12E-E122-4189-A05E-4FEA43C19876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.", }, { lang: "es", value: "Múltiples desbordamientos de buffer basado en pila en la función phar_set_inode en phar_internal.h en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permiten a atacantes remotos ejecutar código arbitrario a través de un valor de longitud manipulado en un archivo (1) tar, (2) phar, o (3) ZIP.", }, ], id: "CVE-2015-3329", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:02.537", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74240", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032145", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69441", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74240", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032145", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugs.php.net/bug.php?id=69441", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-13 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mercurial:mercurial:*:*:*:*:*:*:*:*", matchCriteriaId: "EE61A315-75AC-46FE-A269-990B4A8BD156", versionEndIncluding: "3.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.", }, { lang: "es", value: "Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de un nombre manipulado cuando se convierte un repositorio Git.", }, ], id: "CVE-2016-3069", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-13T16:59:17.227", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201612-19", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, { lang: "es", value: "El método SoapFault::__toString en ext/soap/soap.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos obtener información sensible, provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con un caso \"type confusion\".", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">Access of Resource Using Incompatible Type ('Type Confusion')</a>", id: "CVE-2015-4599", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:06.830", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75251", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.", }, { lang: "es", value: "La función phar_parse_metadata en ext/phar/phar.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permite a atacantes remotos causar una denegación de servicio (corrupción de metadatos de la memoria dinámica) o posiblemente tener otro impacto no especificado a través de un archivo tar manipulado.", }, ], id: "CVE-2015-3307", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:01.253", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74703", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://bugs.php.net/bug.php?id=69443", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugs.php.net/bug.php?id=69443", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 18:59
Modified
2025-04-12 10:46
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
References
Impacted products
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "ImageMagick Arbitrary File Deletion Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "967EC28A-607F-48F4-AD64-5E3041C768F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "2148300C-ECBD-4ED5-A164-79629859DD43", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "837F0D24-99B3-4093-A45A-53ADB0367FCF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2_s390x:*:*:*:*:*:*:*", matchCriteriaId: "357FDE3E-2248-4BCD-B726-97C4D92FDCB7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.3_s390x:*:*:*:*:*:*:*", matchCriteriaId: "E420B889-BB89-4B64-B0E0-7E9B8545B959", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "B908AEF5-67CE-42D4-961D-C0E7ADB78ADD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "0F8EB695-5EA3-46D2-941E-D7F01AB99A48", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9835090F-120A-4A53-B4A8-375DD6999167", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8E5B5F9E-D749-45E5-8538-7CED9620C00C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "188019BF-3700-4B3F-BFA5-553B2B545B7F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9B8B2E32-B838-4E51-BAA2-764089D2A684", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "4319B943-7B19-468D-A160-5895F7F997A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "7A584AAA-A14F-4C64-8FED-675DC36F69A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "D373A806-8A25-4BD4-8511-879D8755C326", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.3_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "CFE6C909-798B-4B7A-9BD4-6741933DBC1F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "E9A24D0C-604D-4421-AFA6-5D541DA2E94D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "3A2E3637-B6A6-4DA9-8B0A-E91F22130A45", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "F81F859C-DA89-4D1E-91D3-A000AD646203", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "418488A5-2912-406C-9337-B8E85D0C2B57", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", matchCriteriaId: "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*", matchCriteriaId: "FE561C57-71DE-434A-85BC-1FAAFDCC7058", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", matchCriteriaId: "87477201-64C5-490B-AAE1-23D26F774989", versionEndExcluding: "6.9.3-10", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*", matchCriteriaId: "3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", matchCriteriaId: "693C9F8F-A8C1-4D06-8F31-E085E16E701C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", matchCriteriaId: "44B8FEDF-6CB0-46E9-9AD7-4445B001C158", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", matchCriteriaId: "964B57CD-CB8A-4520-B358-1C93EC5EF2DC", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "FD4EEF7C-CC33-4494-8531-7C0CC28A8823", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3CBED083-B935-4C47-BBDA-F39D8EA277ED", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "BD6136E8-74DE-48AF-A8AB-B0E93D34870C", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", matchCriteriaId: "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", matchCriteriaId: "ED540469-C4DD-485D-9B89-6877B2A74217", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.", }, { lang: "es", value: "El codificador EPHEMERAL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos eliminar archivos arbitrarios a través de una imagen manipulada.", }, ], id: "CVE-2016-3715", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2016-05-05T18:59:04.727", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", "Patch", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3746", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89852", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201611-21", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39767/", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "secalert@redhat.com", tags: [ "Release Notes", ], url: "https://www.imagemagick.org/script/changelog.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3746", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89852", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201611-21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39767/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.imagemagick.org/script/changelog.php", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-552", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2012-07-18 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse_project | opensuse | 12.2 | |
| postgresql | postgresql | 8.4 | |
| postgresql | postgresql | 8.4.1 | |
| postgresql | postgresql | 8.4.2 | |
| postgresql | postgresql | 8.4.3 | |
| postgresql | postgresql | 8.4.4 | |
| postgresql | postgresql | 8.4.5 | |
| postgresql | postgresql | 8.4.6 | |
| postgresql | postgresql | 8.4.7 | |
| postgresql | postgresql | 8.4.8 | |
| postgresql | postgresql | 8.4.9 | |
| postgresql | postgresql | 8.4.10 | |
| postgresql | postgresql | 9.0 | |
| postgresql | postgresql | 9.0.1 | |
| postgresql | postgresql | 9.0.2 | |
| postgresql | postgresql | 9.0.3 | |
| postgresql | postgresql | 9.0.4 | |
| postgresql | postgresql | 9.0.5 | |
| postgresql | postgresql | 9.0.6 | |
| debian | debian_linux | 6.0 | |
| redhat | desktop_workstation | 5 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.2 | |
| redhat | enterprise_linux_server_eus | 6.2.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| postgresql | postgresql | 9.1 | |
| postgresql | postgresql | 9.1.1 | |
| postgresql | postgresql | 9.1.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse_project:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "06FD3E94-06C6-4C93-B6EB-442D1B5C62AD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*", matchCriteriaId: "8F30CA60-0A82-45CD-8044-CE245393593D", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", matchCriteriaId: "5C991F71-1E27-47A6-97DC-424FC3EF6011", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", matchCriteriaId: "5740C7AA-1772-41D8-9851-3E3669CD8521", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", matchCriteriaId: "970338CD-A680-4DD0-BD27-459B0DDA4002", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", matchCriteriaId: "3E9E57FA-5EAE-4698-992D-146C6310E0B8", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", matchCriteriaId: "C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", matchCriteriaId: "87DF2937-9C51-4768-BAB1-901BCA636ADD", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", matchCriteriaId: "515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", matchCriteriaId: "EA0EB754-7A71-40FA-9EAD-44914EB758C3", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", matchCriteriaId: "1089D316-D5A3-4F2D-9E52-57FD626A1D06", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", matchCriteriaId: "2DD4DE67-9E3C-4F79-8AAB-344C1C46C618", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CCB718D2-97AA-4D61-AA4B-2216EEF55F67", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", matchCriteriaId: "605C06BF-54A0-40F8-A01E-8641B4A83035", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", matchCriteriaId: "1F1F5B75-78D5-408E-8148-CA23DCED9CBB", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", matchCriteriaId: "88DE8C27-0E0A-4428-B25D-054D4FC6FEA8", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", matchCriteriaId: "F609DDE4-0858-4F83-B8E6-7870196E21CB", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", matchCriteriaId: "349F02AF-013E-4264-9717-010293A3D6E4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:desktop_workstation:5:*:*:*:*:*:*:*", matchCriteriaId: "B9F8A72C-443B-4FC8-9A9C-311A3ED94257", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*", matchCriteriaId: "BE3115B4-5DF0-415B-83D9-CC460AF75586", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", matchCriteriaId: "4796DBEC-FF4F-4749-90D5-AD83D8B5E086", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", matchCriteriaId: "79108278-D644-4506-BD9C-F464C6E817B7", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", matchCriteriaId: "10CF0AA0-41CD-4D50-BA7A-BF8846115C95", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", }, { lang: "es", value: "PostgreSQL v8.4.x antes de v8.4.11, v9.0.x antes de v9.0.7, y v9.1.x antes de v9.1.3 trunca el nombre común a sólo 32 caracteres en la verificación de los certificados SSL, lo que permite a atacantes remotos falsificar conexiones cuando el nombre de host es exactamente de 32 caracteres.", }, ], id: "CVE-2012-0867", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-07-18T23:55:01.827", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0678.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49273", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2012/dsa-2418", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:026", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.postgresql.org/about/news/1377/", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/8.4/static/release-8-4-11.html", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/9.0/static/release-9-0-7.html", }, { source: "secalert@redhat.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/9.1/static/release-9-1-3.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0678.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2012/dsa-2418", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:026", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.postgresql.org/about/news/1377/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/8.4/static/release-8-4-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/9.0/static/release-9-0-7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://www.postgresql.org/docs/9.1/static/release-9-1-3.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemd_project | systemd | 209 | |
| systemd_project | systemd | 213 | |
| systemd_project | systemd | 214 | |
| systemd_project | systemd | 229 | |
| novell | suse_linux_enterprise_software_development_kit | 12.0 | |
| novell | suse_linux_enterprise_desktop | 12 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| novell | suse_linux_enterprise_server_for_sap | 12.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:systemd_project:systemd:209:*:*:*:*:*:*:*", matchCriteriaId: "D9C4D716-A579-4E00-BB40-225555EC1610", vulnerable: true, }, { criteria: "cpe:2.3:a:systemd_project:systemd:213:*:*:*:*:*:*:*", matchCriteriaId: "76487F68-8C55-4603-BEE3-B10DFF8C387C", vulnerable: true, }, { criteria: "cpe:2.3:a:systemd_project:systemd:214:*:*:*:*:*:*:*", matchCriteriaId: "8AC2D908-4E64-46E8-9C48-E1FD1B5017A3", vulnerable: true, }, { criteria: "cpe:2.3:a:systemd_project:systemd:229:*:*:*:*:*:*:*", matchCriteriaId: "60DD52ED-400F-4E9C-B9C3-907DE5ABCBC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "01E6CAD9-DC1F-4C7C-8C8E-98E4BFABAC94", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "BCEA3D62-99E0-48F9-A0CF-981BF28A509D", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:ltss:*:*:*", matchCriteriaId: "6AB85D92-66AE-4747-BE69-60479D178544", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", matchCriteriaId: "81D94366-47D6-445A-A811-39327B150FCD", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:suse_linux_enterprise_server_for_sap:12.0:*:*:*:*:*:*:*", matchCriteriaId: "B1CAEB29-5FEF-4713-847F-0059E6BD843E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.", }, { lang: "es", value: "La función manager_dispatch_notify_fd en systemd permite a usuarios locales provocar una denegación de servicio (colgado de sistema) a través de un mensaje de longitud cero recibido sobre una notificación de encaje, lo que provoca que se devuelva un error y que el controlador de notificación se desactive.", }, ], id: "CVE-2016-7796", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-13T14:59:14.567", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0003.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/30/1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/93250", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1037320", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHBA-2015-2092.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/30/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/93250", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHBA-2015-2092.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "6773B830-647B-4DCA-ABAF-BCF414C4F07C", versionEndIncluding: "5.4.38", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F", versionEndIncluding: "10.6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*", matchCriteriaId: "06A4AE53-A477-4386-887C-4B7408575C23", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*", matchCriteriaId: "C8A2286E-9D1C-4B56-8B40-150201B818AF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*", matchCriteriaId: "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*", matchCriteriaId: "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", matchCriteriaId: "831B1114-7CA7-43E3-9A15-592218060A1F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", matchCriteriaId: "E8B0A12E-E122-4189-A05E-4FEA43C19876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en la función process_nested_data en ext/standard/var_unserializer.re en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 permite a atacantes remotos ejecutar código arbitrario a través de una llamada no serializada manipulada que aprovecha el uso de la función unset dentro de una función __wakeup, un problema relacionado con CVE-2015-0231.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", id: "CVE-2015-2787", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-30T10:59:15.663", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "cve@mitre.org", url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/73431", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032485", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68976", }, { source: "cve@mitre.org", url: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/73431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-11-24 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6D6B3DAF-DF99-48B2-8E7C-BE8E043D4C24", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "29050958-EFD8-4A79-9022-EF72AAD4EDB3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "B3CB33B1-71B2-4235-A2C1-FCAEA9844A6A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "436F8C71-1780-4DC6-937B-8F1F51C7453D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "0BF2C6F3-BFE7-4234-9975-DE7FCDA26A46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "5B79DC5F-5062-4031-BA11-746EE3C8E1CE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CAD6DE25-8B2F-4DB9-9969-8AAC23BC0AE5", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "35F2B503-1516-465D-A558-9932BDB3457D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*", matchCriteriaId: "BA94EAAA-A4D2-4E36-BC69-BBE9644FE970", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*", matchCriteriaId: "F3A7C96C-8FBB-42B4-937E-3321C939CC87", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*", matchCriteriaId: "94084356-D39B-41B2-AC24-0ADAD0BF5988", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*", matchCriteriaId: "086C6335-7872-46A7-AEB1-9BE5AE5A788C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*", matchCriteriaId: "FF8233B1-04A0-4E25-97EE-CF466B48A12E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*", matchCriteriaId: "FA714E7E-05EF-4598-9324-887BC66C675E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*", matchCriteriaId: "C5CF3B73-D3B9-4D76-B411-C837BCE0806E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*", matchCriteriaId: "D1752D91-3468-4E22-B60F-6789B3CBD7B4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*", matchCriteriaId: "F433AA7E-A780-4D45-AD1A-5A4CE1F3FCD1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*", matchCriteriaId: "93E210A7-489B-4EA7-A840-599523157DD3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*", matchCriteriaId: "B37565FA-72F5-4063-8D7A-97BC269F020B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*", matchCriteriaId: "BC8FA821-818E-4BC7-834B-94EB5C042390", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*", matchCriteriaId: "F3FBF3D3-95A6-4869-8A69-F0E5ECA40220", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*", matchCriteriaId: "D07785D0-E995-4208-AB8C-43B320D291F9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*", matchCriteriaId: "152DDD6E-CF56-4E1C-BE4D-C7BC0FD9B08C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*", matchCriteriaId: "19BBA666-4473-4C6D-BF48-34EF3F09AD7D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*", matchCriteriaId: "B7DDF6CC-7997-47E7-96D3-8DC10F1D17F0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*", matchCriteriaId: "A1926DD0-0A9B-4F9D-BB4F-AC7AB0B3F0E4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*", matchCriteriaId: "2763A6C7-DBBA-4E2A-917C-B6FF524B9891", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*", matchCriteriaId: "E7DECDF8-7742-4D58-99FA-100A01748B05", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*", matchCriteriaId: "CA4FD3B1-3A68-4122-AA50-31BFC6C50408", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*", matchCriteriaId: "45790331-CE26-457F-8649-F027703E73EE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*", matchCriteriaId: "0B0BFE2D-5C7B-42E0-B783-8C5907CA8635", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*", matchCriteriaId: "7CD993C1-70B6-4ACB-B958-94E7EF973A8B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*", matchCriteriaId: "C085686C-A0AA-4F56-9E7D-B5CB24B890D9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*", matchCriteriaId: "D02A5197-06B9-469E-9817-45BB23324042", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*", matchCriteriaId: "5EB6BE37-E564-4E42-BE39-36DD301C37A4", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*", matchCriteriaId: "314209F2-E0A0-4045-8108-8E7215312442", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*", matchCriteriaId: "11A8ECBB-7E50-4447-88E2-893C1466C251", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*", matchCriteriaId: "8B8F24A5-F5C3-495F-9AF0-2EE836E0147A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*", matchCriteriaId: "46DE2DE3-F081-4B80-A4DA-C5AB27B3CA8C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*", matchCriteriaId: "71EF1D77-7838-47DF-B6A2-DBBAC0058FED", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*", matchCriteriaId: "76BA4FEA-FEB4-47A9-9DFF-A233CEE03D04", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.43:*:*:*:*:*:*:*", matchCriteriaId: "60DB5A63-E89E-48AB-A846-107EBEC71D67", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.44:*:*:*:*:*:*:*", matchCriteriaId: "2181FEEB-D07E-490C-9953-3490D87B63A9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.45:*:*:*:*:*:*:*", matchCriteriaId: "36DC41DD-A291-4ECE-84B9-574828AA2A80", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.46:*:*:*:*:*:*:*", matchCriteriaId: "015D1E36-17A1-4413-B1FB-5DF4C36712BD", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.47:*:*:*:*:*:*:*", matchCriteriaId: "F64CE8F2-22B1-43F8-8934-CBCD2EFBA85D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.48:*:*:*:*:*:*:*", matchCriteriaId: "CEB15BE8-1B88-4117-AF14-3AA2B54DB323", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.50:*:*:*:*:*:*:*", matchCriteriaId: "A2CB2728-4CC7-46EA-809B-450A9BB9F884", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.51:*:*:*:*:*:*:*", matchCriteriaId: "96638963-D264-49AD-9B77-497C3DA23DFA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.52:*:*:*:*:*:*:*", matchCriteriaId: "88544BBE-29A1-4622-B3E6-FA4B891A9B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.53:*:*:*:*:*:*:*", matchCriteriaId: "DD658D98-9A4D-4DC2-A935-BB3BF0E0FB2B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.54:*:*:*:*:*:*:*", matchCriteriaId: "FFF819AF-AC11-4BD9-A070-572836A65FB7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.55:*:*:*:*:*:*:*", matchCriteriaId: "2EEAC62D-BF2B-40DF-9428-FFBF7CA09471", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.55:rc01:*:*:*:*:*:*", matchCriteriaId: "27DFAB04-5C5C-4366-B3FC-C83AAB807F0B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.56:*:*:*:*:*:*:*", matchCriteriaId: "36327723-F953-4BD3-A525-930DDCF7931D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.56:devel:*:*:*:*:*:*", matchCriteriaId: "36F717B1-CC02-4878-9A78-1584074E81C0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.57:*:*:*:*:*:*:*", matchCriteriaId: "7D482811-2EF1-47AE-A41C-7532AC6DEF31", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.57:rc01:*:*:*:*:*:*", matchCriteriaId: "FF26AB67-81F8-4CD2-8E28-BDF9FE2CD58F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.58:*:*:*:*:*:*:*", matchCriteriaId: "2D0EE98D-0596-4147-9EC4-F3616BF2B901", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.59:*:*:*:*:*:*:*", matchCriteriaId: "62F15027-0E80-48B7-9ECD-9E7228F0E81B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.60:*:*:*:*:*:*:*", matchCriteriaId: "99904D7E-0046-4481-99B6-01710D4FC848", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.61:*:*:*:*:*:*:*", matchCriteriaId: "8AB33B4E-E69A-4002-816C-24CCD49682F2", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.62:*:*:*:*:*:*:*", matchCriteriaId: "42A4FAF1-4B81-47C4-BFB7-6052524A2DA8", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.0.63:*:*:*:*:*:*:*", matchCriteriaId: "686A50C3-93E1-4C3F-8089-322BE26E6317", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "C036011A-9AE1-423C-8B73-188B9BA20FEE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "663C6EE5-5B5E-4C0F-9E7F-D0E1DA9AF9EA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "8051459E-94D3-4D4A-9D40-CC9475DDB00C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "42056C63-69A7-43CF-828C-0C3E365702D9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "5B6A39A3-7F86-4DC3-B248-859630AFB9A3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "58377AE3-1C13-4C3F-BC55-8336DAEEF97F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "005C2DA4-D00E-4206-851E-9226D66B5F2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "97B17602-0D97-469B-A9B1-30AAC8F758F1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "857B664A-C6F9-45E3-93EA-C0F53CEF5C46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*", matchCriteriaId: "6DFDA458-74E8-4DEF-B524-A4A8672CB66A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*", matchCriteriaId: "9A3E3BF3-4376-4692-A515-A7B6593F28F1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*", matchCriteriaId: "AB6AF9D5-CE60-4FC9-91AB-E243F0D429E9", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*", matchCriteriaId: "3B1AC712-110D-458F-B650-930C6D45CA53", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*", matchCriteriaId: "7F848FA5-9682-454F-A9DE-671C4401F15F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*", matchCriteriaId: "C4B83678-98A1-440E-950C-4A27995C7294", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*", matchCriteriaId: "FB9EEE31-479A-4370-BF00-C26C1AF502B6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*", matchCriteriaId: "95EABD7D-1F18-4FA5-BAA9-F8D69129E531", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*", matchCriteriaId: "65B836CA-3740-48B0-966B-21E65EF3D636", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*", matchCriteriaId: "3988FA1B-18D9-46AA-87BA-A6B01D4F4B25", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*", matchCriteriaId: "51A46409-7AC6-45DB-B92D-29988C445BC1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*", matchCriteriaId: "09E2B608-6C70-446F-A3A7-369048D99855", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*", matchCriteriaId: "5AA00AE0-F447-4361-AA37-0C98BDE491E3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*", matchCriteriaId: "21DACE94-FBDC-4A3D-8DD6-E62D18F5EE7A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*", matchCriteriaId: "220A02AF-6ADA-4B75-BC81-40B2D847029A", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*", matchCriteriaId: "ECEB8F61-195E-41DE-90CE-22854055E9D6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*", matchCriteriaId: "D0F72B91-1F7F-41EB-ABC8-1B50AFEC70EA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*", matchCriteriaId: "111091B9-CBAE-4FC7-8B97-7D2345BFCB45", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*", matchCriteriaId: "54C6D9D3-50B2-4A63-B3D1-C76C70F4443E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*", matchCriteriaId: "4110AA74-C69D-45BC-A630-9EE3A2036BD6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*", matchCriteriaId: "F2DEFD05-10EE-4242-B885-FD1B0DF6CAA1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*", matchCriteriaId: "1CAA1090-C1C7-43A2-BD44-065572D226B6", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*", matchCriteriaId: "2FD92305-91BF-4984-A029-8FA83CBF1A12", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*", matchCriteriaId: "F9F9A6DB-19BF-4798-879E-9BD4AD5EFF2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*", matchCriteriaId: "31EE280F-D76D-478B-ADD6-D5F2C7574A2F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*", matchCriteriaId: "747314F7-A515-41FF-8095-62A9F05F0DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.35:*:*:*:*:*:*:*", matchCriteriaId: "C1BE9ED0-685B-41F0-A984-D33E7034AEA7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.36:*:*:*:*:*:*:*", matchCriteriaId: "E3F6AD99-7697-47E5-8301-723C16535C76", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.37:*:*:*:*:*:*:*", matchCriteriaId: "07B00AD3-D13C-45B5-A13A-9092D40F4A63", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.38:*:*:*:*:*:*:*", matchCriteriaId: "14222EA8-E8ED-4818-ACB4-C6A13643F210", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.39:*:*:*:*:*:*:*", matchCriteriaId: "A22C28DD-5C99-4722-9093-A1E82A2C2808", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.40:*:*:*:*:*:*:*", matchCriteriaId: "93714B71-6331-4F5A-A12A-B4B80CA2FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.41:*:*:*:*:*:*:*", matchCriteriaId: "10CD562E-1F06-4779-A29C-4069E3C86B16", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.42:*:*:*:*:*:*:*", matchCriteriaId: "4D83D507-64AF-4158-97B9-1353E2F8EE46", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.43:*:*:*:*:*:*:*", matchCriteriaId: "BC5E39EA-C32E-4E87-9A3F-CCB5144F0E68", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.43:devel:*:*:*:*:*:*", matchCriteriaId: "61B9103F-CD72-4F06-BED1-7AE4AB9E672C", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.44:*:*:*:*:*:*:*", matchCriteriaId: "0DF6249D-5AA8-4EA3-A92A-0E492FE5B811", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.45:*:*:*:*:*:*:*", matchCriteriaId: "CDE7F259-40A2-4866-8EF8-44A9913EC4EF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.45:devel:*:*:*:*:*:*", matchCriteriaId: "CFA3EED5-F0AB-4C5C-92D7-B84BFDAA31AE", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.46:*:*:*:*:*:*:*", matchCriteriaId: "03C20A42-6A77-43D4-80D7-332BB2DF1B66", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.46:devel:*:*:*:*:*:*", matchCriteriaId: "8A0A1B56-0E92-4E81-9B2C-4F9B9D5833EF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.47:*:*:*:*:*:*:*", matchCriteriaId: "D4CC5DBB-249B-4EED-9F54-E23CB1919ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.47:beta:*:*:*:*:*:*", matchCriteriaId: "C10D9119-0FF8-4DFE-8632-A14D9C83CC9E", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.48:*:*:*:*:*:*:*", matchCriteriaId: "088A1BDB-BB1A-46B5-898B-23311DE27CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.48:betas:*:*:*:*:*:*", matchCriteriaId: "C24CA735-6EA6-41E3-A82D-D443BB47806B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.49:*:*:*:*:*:*:*", matchCriteriaId: "6CBAA828-F42A-420F-B17E-6FACF6CD483D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.50:*:*:*:*:*:*:*", matchCriteriaId: "D20664A4-4816-4F57-82BB-F4116FA33A41", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.51:*:*:*:*:*:*:*", matchCriteriaId: "64226521-0723-4259-B214-0D2A35CF5FBA", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.52:*:*:*:*:*:*:*", matchCriteriaId: "6ABEEBFE-A8C8-40D4-97D8-F06676E67478", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.2.53:*:*:*:*:*:*:*", matchCriteriaId: "47831D80-33AC-4A13-B92D-3D2CBF215955", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "52D5DAA1-3632-48D7-A657-4A4C83A119D5", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "EB5AE8E0-3C11-4EE1-A599-4D70C6A13F1B", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "6AD36C3B-3C02-488B-B480-EA091D702CA3", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "59BAD272-D4B6-40CE-B5E9-63145E12B638", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "5EEB311C-766D-4070-A0BE-9CE4593C8F49", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "C185BF59-68E4-49F8-802F-C06FE840FF3D", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "5C399B31-B8EC-41C4-B6AB-83BABC474374", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "3B00AF5F-D4F5-490C-8BF4-2B33EFBF15A7", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "BA9AEB1D-0AA7-4842-9CF9-91BFD8B58A4F", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "09150152-5DEA-4FA2-9163-63EAF4D83DEF", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "45E5068A-42BE-478B-8C00-FE23B7837DC1", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "023CCFB0-7995-408E-928A-76C5BD9B4924", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "493F615D-DB81-48B3-9E74-C32544A01372", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "D2F12925-44F7-4790-8A06-345EB3DCCB71", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.14:*:*:*:*:*:*:*", matchCriteriaId: "7F5BF226-D62F-4F54-B771-EB108FD256FC", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: "D2EDBFCB-96DA-4A36-873A-3164975BE997", vulnerable: true, }, { criteria: "cpe:2.3:a:libpng:libpng:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "ACDB15BE-BDD2-4210-B224-A520E8DC7D89", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*", matchCriteriaId: "AA856400-1B48-429A-94A0-173B7EEE1EC2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.", }, { lang: "es", value: "La función png_convert_to_rfc1123 en png.c en libpng 1.0.x en versiones anteriores a 1.0.64, 1.2.x en versiones anteriores a 1.2.54 y 1.4.x en versiones anteriores a 1.4.17 permite a atacantes remotos obtener información sensible de la memoria de proceso a través de un fragmento de datos tlME manipulado en un archivo de imagen, lo que desencadena una lectura fuera de rango.", }, ], id: "CVE-2015-7981", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-11-24T20:59:15.017", references: [ { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-2594.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-2595.html", }, { source: "cve@mitre.org", url: "http://sourceforge.net/p/libpng/bugs/241/", }, { source: "cve@mitre.org", url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3399", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/10/26/1", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/10/26/3", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/77304", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1034393", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2815-1", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201611-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-2594.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-2595.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sourceforge.net/p/libpng/bugs/241/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/10/26/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/10/26/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/77304", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2815-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201611-08", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-14 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | subscription-manager | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:subscription-manager:*:*:*:*:*:*:*:*", matchCriteriaId: "88E30BE3-5125-428A-BCED-7FBF2256A4BB", versionEndIncluding: "1.17.6-1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.", }, { lang: "es", value: "El paquete Subscription Manager (también conocido como subscription-manager) en versiones anteriores a 1.17.7-1 para Candlepin utiliza permisos débiles (755) para los directorios de caché del subscription-manager, lo que permite a los usuarios locales obtener información sensible leyendo archivos en los directorios.", }, ], id: "CVE-2016-4455", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-14T18:59:00.297", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2592.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0698.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/26/5", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93926", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038083", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/candlepin/subscription-manager/commit/9dec31", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2592.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0698.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/26/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93926", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1038083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/candlepin/subscription-manager/commit/9dec31", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "215660D4-6BA6-4E00-8425-9FC5DAE768D8", versionEndIncluding: "5.6.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.", }, { lang: "es", value: "PHP en versiones anteriores a 5.6.7 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecuar código arbitrario a través de un tipo de dato no esperado, relacionado con casos \"type confusion\" en (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c y (3) ext/soap/soap.c, un caso diferente a CVE-2015-4600.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">Access of Resource Using Incompatible Type ('Type Confusion')</a>", id: "CVE-2015-4601", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:08.767", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75246", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-19 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| fedoraproject | 389_directory_server | 1.3.4.0 | |
| fedoraproject | 389_directory_server | 1.3.4.1 | |
| fedoraproject | 389_directory_server | 1.3.4.4 | |
| fedoraproject | 389_directory_server | 1.3.4.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.0:*:*:*:*:*:*:*", matchCriteriaId: "CA30F3F3-3384-4E46-B51F-FCAF43728779", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.1:*:*:*:*:*:*:*", matchCriteriaId: "2AC25FDF-B453-471A-84B7-AFA08B6039CA", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.4:*:*:*:*:*:*:*", matchCriteriaId: "C78CE214-54CB-4ECC-B45D-CFABF249E1E5", vulnerable: true, }, { criteria: "cpe:2.3:a:fedoraproject:389_directory_server:1.3.4.5:*:*:*:*:*:*:*", matchCriteriaId: "6CCA8C87-70FF-488E-9A3F-26D77323AB75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.", }, { lang: "es", value: "slapd/connection.c en 389 Directory Server (anteriormente Fedora Directory Server) 1.3.4.x en versiones anteriores a 1.3.4.7 permite a atacantes remotos causar una denegación de servicio (bucle infinito y bloqueo de conexion) aprovechándose de una conexión cerrada de manera anómala.", }, ], id: "CVE-2016-0741", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-19T21:59:06.973", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0204.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/82343", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", }, { source: "secalert@redhat.com", url: "https://fedorahosted.org/389/ticket/48412", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0204.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/82343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fedorahosted.org/389/ticket/48412", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| freetype | freetype | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, { lang: "es", value: "Error de signo de enteros en la función Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) o posiblemente tener otro impacto no especificado a través de una fuente Mac manipulada.", }, ], id: "CVE-2014-9673", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-02-08T11:59:34.647", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=154", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=154", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-11 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| setroubleshoot_project | setroubleshoot | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*", matchCriteriaId: "5C62A645-0382-4719-99D0-2247C4EAA2A0", versionEndIncluding: "3.2.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.", }, { lang: "es", value: "La función fix_lookup_id en sealert en setroubleshoot en versiones anteriores a 3.2.23 permite a los usuarios locales ejecutar comandos arbitrarios como root activando una denegación de SELinux con un nombre de archivo manipulado, relacionado con la ejecución de comandos externos con la función commands.getstatusoutput.", }, ], id: "CVE-2016-4445", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-11T18:59:00.260", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91430", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-09-21 14:25
Modified
2025-04-12 10:46
Severity ?
Summary
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| libarchive | libarchive | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*", matchCriteriaId: "DC45D478-0BA2-4386-B1D2-E516D9AC28A9", versionEndIncluding: "3.1.901a", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", matchCriteriaId: "CC7A498A-A669-4C42-8134-86103C799D13", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", matchCriteriaId: "104DA87B-DEE4-4262-AE50-8E6BC43B228B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.", }, { lang: "es", value: "libarchive en versiones anteriores a 3.2.0 no limita el número de descompresiones recursivas, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída de aplicación) a través de un archivo gzip manipulado.", }, ], id: "CVE-2016-7166", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-09-21T14:25:29.833", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/15", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/18", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92901", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/issues/660", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201701-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.securityfocus.com/bid/92901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/libarchive/libarchive/issues/660", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | solaris | 10.0 | |
| oracle | solaris | 11.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| freetype | freetype | * | |
| debian | debian_linux | 7.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 6.6.z | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", matchCriteriaId: "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", matchCriteriaId: "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", matchCriteriaId: "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", versionEndIncluding: "2.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", matchCriteriaId: "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, { lang: "es", value: "La función tt_face_load_kern en sfnt/ttkern.c en FreeType anterior a 2.5.4 fuerza una longitud de tabla mínima incorrecta, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una fuente TrueType manipulada.", }, ], id: "CVE-2014-9658", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-08T11:59:20.647", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=194", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72986", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201503-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201503-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.", }, { lang: "es", value: "PHP en versiones anteriores a 5.5.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 no asegura que los nombres de ruta carezcan de secuencia %00, lo que permite a atacantes remotos leer archivos arbitrarios a través de una entrada manipulada que llama a la función stream_resolve_include_path en ext/standard/streamsfuncs.c, como se demuestra con un ataque filename\\0.extension que eluce una configuración deseada en la que los usuarios cliente pueden leer archivos con sólo una extensión específica.", }, ], id: "CVE-2015-3412", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:03.423", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/75250", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032709", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69353", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75250", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69353", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-01-25 12:00
Modified
2025-04-11 00:51
Severity ?
Summary
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2013-0550.html | Third Party Advisory | |
| cve@mitre.org | http://www.isc.org/software/bind/advisories/cve-2012-5689 | Vendor Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2693-1 | Third Party Advisory | |
| cve@mitre.org | https://kb.isc.org/article/AA-00855/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0550.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.isc.org/software/bind/advisories/cve-2012-5689 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2693-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/article/AA-00855/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.1 | |
| isc | bind | 9.9.2 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.4 | |
| redhat | enterprise_linux_server_eus | 6.4.z | |
| redhat | enterprise_linux_workstation | 6.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.1 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.2 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.3 | |
| isc | bind | 9.8.4 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", matchCriteriaId: "A2B96B87-F18C-41EF-9A37-7D0842433A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", matchCriteriaId: "AFA1AA14-4D4A-45D0-9573-D53C0FFFFF78", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", matchCriteriaId: "F5DE1274-F7A1-4F12-A4F5-1CB1DD5B84E1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", matchCriteriaId: "401A7E61-AC3D-417D-97B8-E5E736DC6FCC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", matchCriteriaId: "C7C37F7D-DD28-4C70-A534-A3F434DF4273", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", matchCriteriaId: "B2EC1F99-85C1-4081-A118-790111741246", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", matchCriteriaId: "85D6C9B7-9D5D-4589-AC83-E6ECB535EBFD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", matchCriteriaId: "043A5E3F-529B-4A9A-8531-184EE6D1942D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", matchCriteriaId: "673057D5-256C-4933-B56F-4BF8848323F1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", matchCriteriaId: "C2CE371B-E399-4D74-B46C-3606E4BDA53A", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", matchCriteriaId: "6A3798A1-134C-4066-A012-10C15F103EAC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", matchCriteriaId: "9CA1AEBE-040C-483A-9850-7DA888FF8075", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", matchCriteriaId: "B9A33F04-3240-4268-B613-C4876770A30F", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*", matchCriteriaId: "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:*", matchCriteriaId: "EF3F4527-8ADB-4A45-9E2C-C6E45D637D14", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", matchCriteriaId: "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", matchCriteriaId: "811D03B2-96A8-47F9-80BE-54228A4108EC", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", matchCriteriaId: "B3D4393C-1151-49F9-963B-B6FD88E93814", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", matchCriteriaId: "25855A5C-302F-4A82-AEC1-8C4C9CB70362", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", matchCriteriaId: "03E68ACA-0288-4EE5-9250-54711B2E6670", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", matchCriteriaId: "8D717D3D-F4BF-470B-AC2B-D1234A7303EB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", matchCriteriaId: "66D259B7-4F9E-43B2-BB1D-3B097D3CDB28", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", matchCriteriaId: "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", matchCriteriaId: "FCC604FD-A834-4BA7-B1E2-1FCB6A583204", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", matchCriteriaId: "479D3C6C-1FD7-4DBE-A841-4B58400A89F1", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", matchCriteriaId: "BAF29160-63C2-40D0-BE08-3C8181CD5092", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", matchCriteriaId: "8DAA3942-0979-4D33-BD52-EF7F0403DFBD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", matchCriteriaId: "39D75F93-B6A7-4D25-8147-25F7F867E5B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", matchCriteriaId: "B046CE1D-03E1-462F-9762-9269E59BD554", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", matchCriteriaId: "DAC9049D-6284-40F7-9E97-596FEDF9EEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", matchCriteriaId: "10D06B47-911B-4095-ABD2-DDD38E6306F3", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", matchCriteriaId: "59428551-218B-4C32-982F-DCDC894E2954", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", matchCriteriaId: "961E22DC-1467-4A0C-9450-A2E047FCFCFD", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", matchCriteriaId: "DF77CAF5-A8D6-4479-9C4D-A698D26BDC6A", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*", matchCriteriaId: "AD318FF1-320B-4311-AF7E-988C023B4938", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.", }, { lang: "es", value: "ISC BIND v9.8.x hasta 9.8.4-P1 y v9.9.x hasta v9.9.2-P1, en ??ciertas configuraciones que implican DNS64 con una zona de política de respuesta que carece de una regla de reescritura AAAA, permite a atacantes remotos provocar una denegación de servicio (aserción fracaso y salida llamado demonio) a través de una consulta para un registro AAAA.", }, ], id: "CVE-2012-5689", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-01-25T12:00:46.087", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0550.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.isc.org/software/bind/advisories/cve-2012-5689", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2693-1", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-00855/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.isc.org/software/bind/advisories/cve-2012-5689", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2693-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-00855/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gstreamer | gstreamer | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*", matchCriteriaId: "E205DF55-52AD-46B7-B83E-2FDB322A52A2", versionEndIncluding: "1.10.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través del parámetro start_line.", }, ], id: "CVE-2016-9634", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-27T22:59:01.943", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201705-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201705-10", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.5.24 | |
| php | php | 5.5.25 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "51E65991-DA29-4501-9B30-6719C5CEDAA2", versionEndIncluding: "5.4.41", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*", matchCriteriaId: "423ECD5F-5611-4D9A-8BE8-E4DC1527AF58", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", matchCriteriaId: "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files.", }, { lang: "es", value: "PHP en versiones anteriores a 5.4.42, 5.5.x en versiones anteriores a 5.5.26 y 5.6.x en versiones anteriores a 5.6.10 no asegura que los nombres de ruta carezcan de la secuencia %00, lo que podría permitir a atacantes remotos leer o escribir archivos arbitrarios a través de entrada manipulada para una aplicación que llama a (1) un método para guardar DOMDocument o (2) la función imagepsloadfont GD, según lo demostrado mediante un ataque filename\\0.html que elude una configuración prevista en la que los usuarios cliente pueden escribir solamente en archivos .html.", }, ], id: "CVE-2015-4598", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:05.813", references: [ { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2015/dsa-3344", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75244", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", url: "https://bugs.php.net/bug.php?id=69719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3344", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.php.net/bug.php?id=69719", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-08 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.7 | |
| redhat | enterprise_linux | 7.2 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", matchCriteriaId: "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "2E4DC974-235F-4655-966F-2490A4C4E490", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.", }, { lang: "es", value: "La función calloc en el paquete glibc en Red Hat Enterprise Linux (RHEL) 6.7 y 7.2 no inicializa adecuadamente áreas de memoria, lo que podría permitir a atacantes dependientes de contexto provocar una denegación de servicio (colgado o caída) a través de vectores no especificados.", }, ], id: "CVE-2015-5229", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-08T15:59:00.137", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/84172", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1246713", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1256285", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293976", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/84172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1246713", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1256285", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-17", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "E8519121-8EA3-4851-A824-13921232DB02", versionEndIncluding: "5.6.30", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "2E576DEB-1E39-4582-BFAA-E1D9F311242D", versionEndIncluding: "5.7.12", versionStartIncluding: "5.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*", matchCriteriaId: "854A3AE0-E319-46F9-BDDF-425D967A5C82", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2D1C00C0-C77E-4255-9ECA-20F2673C7366", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", matchCriteriaId: "21F16D65-8A46-4AC7-8970-73AB700035FB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", matchCriteriaId: "92F393FF-7E6F-4671-BFBF-060162E12659", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", matchCriteriaId: "E1B85A09-CF8D-409D-966E-168F9959F6F6", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", matchCriteriaId: "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", matchCriteriaId: "C684FB18-FDDC-4BED-A28C-C23EE6CD0094", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", matchCriteriaId: "A74A79A7-4FAF-4C81-8622-050008B96AE1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", matchCriteriaId: "CEDACCB9-8D61-49EE-9957-9E58BC7BB031", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", matchCriteriaId: "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", matchCriteriaId: "E884B241-F9C3-44F8-A420-DE65F5F3D660", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", matchCriteriaId: "3A383620-B4F7-44A7-85DA-A4FF2E115D80", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", matchCriteriaId: "5F0C6812-F455-49CF-B29B-9AC00306DA43", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", matchCriteriaId: "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", matchCriteriaId: "3703E445-17C0-4C85-A496-A35641C0C8DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*", matchCriteriaId: "2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*", matchCriteriaId: "ABEC1927-F469-4B9E-B544-DA6CF90F0B34", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*", matchCriteriaId: "DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*", matchCriteriaId: "A9EC827B-5313-47D7-BF49-CFF033CF3D53", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*", matchCriteriaId: "A438E65F-33B1-46BC-AD93-200DCC6B43D4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*", matchCriteriaId: "4BFDCF78-62C1-429E-A43C-0C9FEC14837D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*", matchCriteriaId: "6A0B4DEF-C6E8-4243-9893-6E650013600C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*", matchCriteriaId: "E28CD4F7-522F-4ECA-9035-228596CDE769", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*", matchCriteriaId: "A491B32F-31F0-4151-AE9B-313CBF2C060D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", matchCriteriaId: "6FAA3C31-BD9D-45A9-A502-837FECA6D479", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", matchCriteriaId: "6455A421-9956-4846-AC7C-3431E0D37D23", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", matchCriteriaId: "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", matchCriteriaId: "9B89180B-FB68-4DD8-B076-16E51CC7FB91", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", matchCriteriaId: "4C986592-4086-4A39-9767-EF34DBAA6A53", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", matchCriteriaId: "7B23181C-03DB-4E92-B3F6-6B585B5231B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", matchCriteriaId: "94D9EC1C-4843-4026-9B05-E060E9391734", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*", matchCriteriaId: "B066401C-21CF-4BE9-9C55-C9F1E0C7BE3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "1CBD1B3E-644C-42B4-A556-7A4C58D219D6", versionEndExcluding: "0.10.45", versionStartIncluding: "0.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "2E35B5D6-6D7B-4D04-A8E4-88C4C47270AE", versionEndExcluding: "0.12.14", versionStartIncluding: "0.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "A47FC4F7-1F77-4314-B4B3-3C5D8E335379", versionEndIncluding: "4.1.2", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "BA51558F-F55C-48B3-870B-6D1225998AB3", versionEndExcluding: "4.4.4", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "29D607F1-B2A0-49FE-B9F3-B1C94A59104B", versionEndExcluding: "5.11.1", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:-:*:*:*", matchCriteriaId: "BD30B503-CD0A-4CCF-A346-AF5F4BD379FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.", }, { lang: "es", value: "Desbordamiento de entero en la función EVP_EncodeUpdate en crypto/evp/encode.c en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) a través de una gran cantidad de datos binarios.", }, ], id: "CVE-2016-2105", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T01:59:01.200", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89757", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035721", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=5b814481f3573fa9677f3a31ee51322e2a22ee6a", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT206903", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2016-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/89757", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=5b814481f3573fa9677f3a31ee51322e2a22ee6a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2016-18", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-21 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | manager | 2.1 | |
| suse | manager_proxy | 2.1 | |
| suse | openstack_cloud | 5 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| ntp | ntp | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "2A33B9F5-E0D1-4A3E-9FFB-5602A25F3227", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "53F0F5A0-70D9-4305-A834-B6FF71E27B30", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "88BCD7DC-0FEF-477D-8698-F8D8F1A49D90", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:p40:*:*:*:*:*:*", matchCriteriaId: "C38BE66F-08C3-4351-BFFF-0A79EE89612E", versionEndIncluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.", }, { lang: "es", value: "La función log_config_command en el archivo ntp_parser.y en ntpd en NTP anterior a versión 4.2.7p42, permite a los atacantes remotos causar una denegación de servicio (bloqueo de ntpd) por medio de comandos logconfig creados.", }, ], id: "CVE-2015-5194", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-21T14:29:00.757", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76475", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254542", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76475", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "0C5FF5EF-B5D2-4BFE-8C0E-DF1F99F3989D", versionEndIncluding: "10.10.5", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "6773B830-647B-4DCA-ABAF-BCF414C4F07C", versionEndIncluding: "5.4.38", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \\x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, { lang: "es", value: "La implementación move_uploaded_file en ext/standard/basic_functions.c en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 trunca un nombre de ruta al encontrar un caracter \\x00, lo que permite a atacantes remotos evadir las restricciones de extensiones y crear ficheros con nombres no esperados a través de un segundo argumento manipulado. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2006-7243.", }, ], id: "CVE-2015-2348", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-30T10:59:14.710", references: [ { source: "cve@mitre.org", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "cve@mitre.org", url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/73434", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032484", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69207", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/HT205267", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/73434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT205267", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4", versionEndIncluding: "5.4.40", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*", matchCriteriaId: "14D652D3-59BB-4BCA-95E4-87A8102154CA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.", }, { lang: "es", value: "La función phar_parse_tarfile en ext/phar/tar.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 no verifica que el primer caracter de un nombre de fichero es diferente al caracter \\0, lo que permite a atacantes remotos causar una denegación de servicio (desbordamientos de enteros y corrupción de memoria) a través de una entrada manipulada en un archivo tar.", }, ], id: "CVE-2015-4021", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:04.567", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74700", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032433", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69453", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-21 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| fedoraproject | fedora | 23 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| ntp | ntp | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:p111:*:*:*:*:*:*", matchCriteriaId: "6A000FAF-D608-42CE-A557-87DD26581BD7", versionEndIncluding: "4.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.", }, { lang: "es", value: "ntp_openssl.m4 en ntpd en NTP anterior a 4.2.7p112, permite a los atacantes remotos causar una denegación de servicio (fallo de segmentación) por medio de un comando de configuración statistics o filegen creadas que no está habilitado durante la compilación.", }, ], id: "CVE-2015-5195", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-21T14:29:00.820", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76474", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254544", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-02-18 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:helion_openstack:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "598E9A70-D953-48F6-96AF-885532C6BA40", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "46D566AF-D1DE-4EAD-B881-DC40D1DE780C", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "81BED703-422A-4937-8BF0-F83C248188F9", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:server_migration_pack:7.5:*:*:*:*:*:*:*", matchCriteriaId: "01FB206E-013D-4BF8-999A-80ACEA611549", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sophos:unified_threat_management_software:9.319:*:*:*:*:*:*:*", matchCriteriaId: "8D7ABF3B-513A-41E3-9640-7D5339B8235D", vulnerable: true, }, { criteria: "cpe:2.3:a:sophos:unified_threat_management_software:9.355:*:*:*:*:*:*:*", matchCriteriaId: "F7599118-C33F-4BEF-BDD5-280FF9F61124", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2:*:*:*:*:*:*", matchCriteriaId: "1FADFCB2-7D70-4778-9199-516E667177C8", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "174A8501-CFE4-430E-BB1F-DDF89F94A117", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*", matchCriteriaId: "480C8C21-8DA3-4EF2-8BCF-7CED031A3B81", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "1F33821F-22ED-4B6A-B70B-D38EDA658EE7", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4:*:*:*:*:*:*", matchCriteriaId: "10F15C47-008C-4FFC-980B-A14E176C1F1E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", matchCriteriaId: "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:lts:*:*:*", matchCriteriaId: "380DDE38-767C-455A-8474-29BF32D66D48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "01E21741-9D7D-42DD-B70D-5FD3053DE780", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", matchCriteriaId: "FD3677E0-7423-452A-8C1E-A20C5CC34CA8", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*", matchCriteriaId: "D5BAC17C-EF31-4E94-9020-47B781AD94B3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", matchCriteriaId: "ACC73EF8-7AD9-4113-9E3F-C93AF818CEB8", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*", matchCriteriaId: "51FA1B64-D002-41CC-908F-3798122ACD25", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*", matchCriteriaId: "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D70580AD-2134-49D3-BE15-020023A10E87", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "532AAF54-64EF-4852-B4F1-D5E660463704", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D0EDB8E9-E6FB-406E-B1D3-C620F114804C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3CA2FA6B-3930-432F-8FB5-E73604CEFE42", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "62B0A70A-D101-443E-A543-5EC35E23D66F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "524B2D05-508C-47FF-94A0-6CC42060E638", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "23FF9627-E561-4CF7-A685-6E33D2F6C98C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:fujitsu_m10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3861055-D7FB-4C07-BE61-6879D3638B07", versionEndIncluding: "2290", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*", matchCriteriaId: "A96FA9ED-7529-440D-984D-6340B94D8243", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*", matchCriteriaId: "E3D70AB0-2910-4191-9980-5BA78E8F2E11", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*", matchCriteriaId: "9A30D0EE-1AED-4C99-8A22-24E47212F3FD", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*", matchCriteriaId: "4169CA4B-C4F5-499A-A35A-49DD43AC0A22", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*", matchCriteriaId: "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*", matchCriteriaId: "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*", matchCriteriaId: "6423F0B5-E483-4DE9-B13F-3A7322F055DC", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", matchCriteriaId: "18F57529-10DF-447A-8C53-DD4B1C2AA21E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", matchCriteriaId: "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*", matchCriteriaId: "37880948-2AB5-491A-85E2-B7E271E03B1D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*", matchCriteriaId: "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*", matchCriteriaId: "BFD5D113-EF53-4690-92AC-B6E54D70AA9B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*", matchCriteriaId: "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*", matchCriteriaId: "733A1711-D2FC-45C6-9542-893860851F6B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*", matchCriteriaId: "CA4CFA8E-9892-4DDA-9DB2-581711E974A1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*", matchCriteriaId: "C1E91F85-7872-4290-BE7F-C966AC2773CB", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*", matchCriteriaId: "BC5491CD-F3D6-4B09-AE44-62285F6B462A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*", matchCriteriaId: "1829B291-7B55-4B4A-9CA4-8784932935B8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*", matchCriteriaId: "D625EEF2-DB23-4DFE-AF1C-BEE2DD38C54D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*", matchCriteriaId: "47C2E388-06A8-4AD0-9511-749FD10D2936", vulnerable: true, }, { criteria: "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*", matchCriteriaId: "8DB1928D-6A44-4B2D-A9BB-4656AF47317B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module.", }, { lang: "es", value: "Múltiples desbordamientos de buffer basado en pila en las funciones (1) send_dg y (2) send_vc en la librería libresolv en la librería GNU C (también conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una respuesta DNS manipulada que desencadenan una llamada a la función getaddrinfo con la familia de direcciones AF_UNSPEC o AF_INET6, en relación con la ejecución de \"consultas duales A/AAAA DNS\" y el módulo libnss_dns.so.2 NSS.", }, ], id: "CVE-2015-7547", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-02-18T21:59:00.120", references: [ { source: "secalert@redhat.com", url: "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=145596041017029&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=145672440608228&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=145690841819314&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=145857691004892&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=146161017210491&w=2", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0175.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0225.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0277.html", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { source: "secalert@redhat.com", url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { source: "secalert@redhat.com", url: "http://support.citrix.com/article/CTX206991", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-2900-1", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3480", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3481", }, { source: "secalert@redhat.com", url: "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { source: "secalert@redhat.com", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/83265", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1035020", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2016-0002.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/2161461", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa114", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", }, { source: "secalert@redhat.com", url: "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "secalert@redhat.com", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Sep/7", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201602-02", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20160217-0002/", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=18665", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html", }, { source: "secalert@redhat.com", url: "https://support.lenovo.com/us/en/product_security/len_5450", }, { source: "secalert@redhat.com", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17", }, { source: "secalert@redhat.com", url: "https://www.exploit-db.com/exploits/39454/", }, { source: "secalert@redhat.com", url: "https://www.exploit-db.com/exploits/40339/", }, { source: "secalert@redhat.com", url: "https://www.kb.cert.org/vuls/id/457759", }, { source: "secalert@redhat.com", url: "https://www.tenable.com/security/research/tra-2017-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=145596041017029&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=145672440608228&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=145690841819314&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=145857691004892&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=146161017210491&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0175.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0225.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0277.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.citrix.com/article/CTX206991", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-2900-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/83265", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2016-0002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/2161461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa114", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Sep/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201602-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160217-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=18665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/len_5450", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/39454/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/40339/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.kb.cert.org/vuls/id/457759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.tenable.com/security/research/tra-2017-08", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-05 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2 | |
| openssl | openssl | 1.0.2a | |
| openssl | openssl | 1.0.2b | |
| openssl | openssl | 1.0.2c | |
| openssl | openssl | 1.0.2d | |
| openssl | openssl | 1.0.2e | |
| openssl | openssl | 1.0.2f | |
| openssl | openssl | 1.0.2g | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F608A0-78BE-4F17-9E41-70933E52B3C7", versionEndIncluding: "1.0.1s", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", matchCriteriaId: "6FAA3C31-BD9D-45A9-A502-837FECA6D479", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", matchCriteriaId: "6455A421-9956-4846-AC7C-3431E0D37D23", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", matchCriteriaId: "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", matchCriteriaId: "9B89180B-FB68-4DD8-B076-16E51CC7FB91", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", matchCriteriaId: "4C986592-4086-4A39-9767-EF34DBAA6A53", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", matchCriteriaId: "7B23181C-03DB-4E92-B3F6-6B585B5231B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", matchCriteriaId: "94D9EC1C-4843-4026-9B05-E060E9391734", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*", matchCriteriaId: "B066401C-21CF-4BE9-9C55-C9F1E0C7BE3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "39A901D6-0874-46A4-92A8-5F72C7A89E85", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "44B067C7-735E-43C9-9188-7E1522A02491", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.", }, { lang: "es", value: "La función asn1_d2i_read_bio en crypto/asn1/a_d2i_fp.c en la implementación de ASN.1 BIO en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de una codificación corta no válida.", }, ], id: "CVE-2016-2109", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-05T01:59:05.357", references: [ { source: "secalert@redhat.com", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "secalert@redhat.com", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/87940", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/91787", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1035721", }, { source: "secalert@redhat.com", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "secalert@redhat.com", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "secalert@redhat.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "secalert@redhat.com", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=c62981390d6cf9e3d612c489b8b77c2913b25807", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "secalert@redhat.com", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "secalert@redhat.com", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "secalert@redhat.com", url: "https://source.android.com/security/bulletin/2017-07-01", }, { source: "secalert@redhat.com", url: "https://support.apple.com/HT206903", }, { source: "secalert@redhat.com", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "secalert@redhat.com", url: "https://www.tenable.com/security/tns-2016-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/87940", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2959-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=c62981390d6cf9e3d612c489b8b77c2913b25807", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201612-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://source.android.com/security/bulletin/2017-07-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT206903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.tenable.com/security/tns-2016-18", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, { lang: "es", value: "La función mget en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8, no mantiene correctamente una cierta relación de puntero, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a traves de una cadena manipulada que no es manejada correctamente por una regla \"secuencia de comandos de texto ejecutable de Python\".", }, ], id: "CVE-2015-4604", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:12.237", references: [ { source: "secalert@redhat.com", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75241", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68819", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75241", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=68819", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4", versionEndIncluding: "5.4.40", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*", matchCriteriaId: "14D652D3-59BB-4BCA-95E4-87A8102154CA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "3D25E591-448C-4E3B-8557-6E48F7571796", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "3AF783C9-26E7-4E02-BD41-77B9783667E3", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "7AEDF6F7-001D-4A35-A26F-417991AD377F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "4031DB99-B4B4-41EC-B3C1-543D92C575A9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", matchCriteriaId: "D5450EA7-A398-49D2-AA8E-7C95B074BAB1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", matchCriteriaId: "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", matchCriteriaId: "BB8E09D8-9CBE-4279-88B7-24A214A5A537", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", matchCriteriaId: "2D41ECCE-887D-49A2-9BB3-B559495AC55B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "79B418BC-27F4-4443-A0F7-FF4ADA568C1B", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "59A42F02-F363-4C13-BE83-19F757B84455", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "54ADECFC-3C07-43BC-B296-6C25AC7F1C95", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "FE192054-2FBB-4388-A52A-422E20DEA2D7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "F0195D48-3B42-4AC0-B9C5-436E01C63879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", matchCriteriaId: "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", matchCriteriaId: "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21BFCF10-786A-4D1E-9C37-50A1EC6056F1", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", matchCriteriaId: "95A6D6C8-5F46-4897-A0B0-778631E8CE6A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "7883E465-932D-4C11-AA54-97E44181F906", versionEndIncluding: "10.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.", }, { lang: "es", value: "Desbordamiento de enteros en la función ftp_genlist en ext/ftp/ftp.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 permite a servidores FTP remotos ejecutar código arbitrario a través de una contestación larga a un comando LIST, que conduce a un desbordamiento de buffer basado en memoria dinámica.", }, ], id: "CVE-2015-4022", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-06-09T18:59:05.833", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/74902", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1032433", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69545", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "cve@mitre.org", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=69545", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201606-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-12-15 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | icewall_federation_agent | 3.0 | |
| hp | icewall_file_manager | 3.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| xmlsoft | libxml2 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B3261B40-5CBE-4AA6-990A-0A7BE96E5518", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EDAB86FF-C732-4022-B1F4-D1CE28FBF0D0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", matchCriteriaId: "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "692D866C-F7D7-437B-BAC3-CCE024626B4D", versionEndIncluding: "2.9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en la función xmlParseXmlDecl en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio a través de vectores no especificados relacionados con errores de extracción después de un fallo de conversión de la codificación.", }, ], id: "CVE-2015-7498", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-12-15T21:59:02.960", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/79548", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1034243", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", }, { source: "secalert@redhat.com", url: "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201701-37", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/79548", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1034243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://xmlsoft.org/news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201701-37", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-28 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*", matchCriteriaId: "F3EF53AD-F985-446E-89B8-4BFECE00AD63", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*", matchCriteriaId: "0A11DBFA-9F0E-4358-8541-E5371C11FE80", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*", matchCriteriaId: "738AEB08-FF7D-4DC3-AB14-B8F2B9474810", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*", matchCriteriaId: "1E8C5523-16E4-417E-A159-F5D0F9E83C5B", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*", matchCriteriaId: "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*", matchCriteriaId: "AB93C2FC-6913-448E-8B93-EEB2229EC86C", vulnerable: true, }, { criteria: "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0ECA3172-7088-4B5E-923D-37B155729BD2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.", }, { lang: "es", value: "Desbordamiento de buffer basado en memoria dinámica en wpa_supplicant 1.0 hasta 2.4 permite a atacantes remotos causar una denegación de servicio (caída), leer la memoria o posiblemente ejecutar código arbitrario a través de información SSID manipulada en un Frame de gestión cuando se crea o actualiza las entradas P2P.", }, ], id: "CVE-2015-1863", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-28T14:59:01.293", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/fulldisclosure/2015/Apr/82", }, { source: "secalert@redhat.com", url: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3233", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/535353/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74296", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032192", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2577-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://seclists.org/fulldisclosure/2015/Apr/82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/535353/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032192", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2577-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-17", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-05-21 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_eus | 5.9.z | |
| redhat | enterprise_linux_hpc_node | 6 | |
| redhat | enterprise_linux_long_life | 5.9 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server_aus | 6.4 | |
| redhat | enterprise_linux_server_eus | 6.4.z | |
| redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*", matchCriteriaId: "5833A489-D6DE-4D51-9E74-189CBC2E28CA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*", matchCriteriaId: "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:5.9.z:*:server:*:*:*:*:*", matchCriteriaId: "E5057E4A-F85E-4EEA-BD38-12B3BC979523", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", matchCriteriaId: "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:server:*:*:*:*:*", matchCriteriaId: "E663F8F7-FAB1-4BBE-BF85-CEF90B786462", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:*", matchCriteriaId: "EF3F4527-8ADB-4A45-9E2C-C6E45D637D14", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.", }, { lang: "es", value: "rhn-migrate-classic-to-rhsm tool en Red Hat subscription-manager no verifica el certificado de servidor X.509 en Red Hat Network Classic cuando se está migrando a Certificate-based Red Hat Network, lo que permite a atacantes remotos \"man-in-the-middle\" obtener información sensible como credenciales de usuario.", }, ], id: "CVE-2012-6137", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-05-21T18:55:01.653", references: [ { source: "secalert@redhat.com", url: "http://osvdb.org/93058", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0788.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/53330", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/59674", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1028520", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=885130", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/93058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0788.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/53330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/59674", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1028520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=885130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84020", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-255", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-06-08 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2016-2604.html | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1378613 | Issue Tracking, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2604.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1378613 | Issue Tracking, VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.", }, { lang: "es", value: "SerializablesProvider de RESTEasy en RedHat Enterprise Linux Desktop 7, RedHat Enterprise Linux HPC node 7, RedHat Enterprise Linux Server 7, y RedHat Enterprise Linux WorkStation 7 permite a un atacante remoto ejecutar código arbitrario.", }, ], id: "CVE-2016-7050", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-06-08T19:29:00.370", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2604.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2604.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "VDB Entry", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1228E622-0524-4254-BA07-6EED39637EA4", versionEndIncluding: "5.4.39", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9F6D9B19-E64D-4BED-9194-17460CE19E6F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "F644EA6C-50C6-4A1C-A4AC-287AA9477B46", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DD47F30-74F5-48E8-8657-C2373FE2BD22", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "0C09527B-6B47-41F8-BDE6-01C47E452286", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "2E454D87-23CB-4D7F-90FE-942EE54D661F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "130E50C1-D209-4CFF-9399-69D561340FBB", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "C1F29948-9417-460B-8B04-D91AE4E8B423", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "093D08B7-CC3C-4616-8697-F15B253A7D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A30B2D9E-F289-43C9-BFBC-1CEF284A417E", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "6AEAC9BA-AF82-4345-839C-D339DCB962A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "1EFE682F-52E3-48EC-A993-F522FC29712F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "840EE3AC-5293-4F33-9E2C-96A0A2534B02", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "1C0FC407-96DB-425E-BB57-7A5BA839C37F", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "AC63A449-5D92-4F5F-8186-B58FFFBA54FE", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "F18236F6-2065-4A6A-93E7-FD90E650C689", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DEFBA84A-A4E4-438B-B9B5-8549809DCECC", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "146D3DC9-50F4-430B-B321-68ECE78879A7", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "1D5A7CA6-7653-46C5-8DF7-95584BF7A879", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CE65D0D4-CB56-4946-AB44-2EF554602A96", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "F1F13E2D-A8F7-4B74-8D03-7905C81672C9", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "9AE1289F-03A6-4621-B387-5F5ADAC4AE92", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "383697F5-D29E-475A-84F3-46B54A928889", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "786ED182-5D71-4197-9196-12AB5CF05F85", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", matchCriteriaId: "0E8CD4EF-DC90-40BB-A721-6EC087507906", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, { lang: "es", value: "La función exception::getTraceAsString en Zend/zend_exceptions.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con un caso \"type confusion\" .", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">Access of Resource Using Incompatible Type ('Type Confusion')</a>", id: "CVE-2015-4603", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-16T10:59:11.267", references: [ { source: "secalert@redhat.com", url: "http://php.net/ChangeLog-5.php", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75252", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id/1032709", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://php.net/ChangeLog-5.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75252", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1032709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://bugs.php.net/bug.php?id=69152", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-11 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| setroubleshoot_project | setroubleshoot | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*", matchCriteriaId: "81FFD870-6377-4CE9-89C0-07EA99635370", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.", }, { lang: "es", value: "El complemento allow_execstack para setroubleshoot permite a los usuarios locales ejecutar comandos arbitrarios al activar una denegación SELinux de execstack con un nombre de archivo manipulado, relacionado con la función commands.getoutput.", }, ], id: "CVE-2016-4446", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-11T18:59:00.290", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91427", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/91427", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2016-0596 (GCVE-0-2016-0596)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.762Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81130", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81130", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81130", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81130", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0596", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81130", refsource: "BID", url: "http://www.securityfocus.com/bid/81130", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0596", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.762Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5300 (GCVE-0-2015-5300)
Vulnerability from cvelistv5
Published
2017-07-21 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.519Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1930", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1930.html", }, { name: "SUSE-SU:2016:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { name: "[slackware-security] 20160223 ntp (SSA:2016-054-04)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/bugtraq/2016/Feb/164", }, { name: "openSUSE-SU:2016:1423", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { name: "SUSE-SU:2016:1177", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX220112", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", }, { name: "FEDORA-2015-f5f5ec7b6b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.cs.bu.edu/~goldbe/NTPattack.html", }, { name: "SUSE-SU:2016:2094", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { name: "FEDORA-2016-34bc10a2c8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { name: "1034670", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034670", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", }, { name: "77312", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77312", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FreeBSD-SA-16:02", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", }, { name: "openSUSE-SU:2016:1292", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", }, { name: "SUSE-SU:2016:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.ntp.org/bin/view/Main/NtpBug2956", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", }, { name: "SUSE-SU:2016:1175", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20171004-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-13T00:00:00", descriptions: [ { lang: "en", value: "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-09T10:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1930", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1930.html", }, { name: "SUSE-SU:2016:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { name: "[slackware-security] 20160223 ntp (SSA:2016-054-04)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/bugtraq/2016/Feb/164", }, { name: "openSUSE-SU:2016:1423", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { name: "SUSE-SU:2016:1177", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX220112", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", }, { name: "FEDORA-2015-f5f5ec7b6b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", }, { tags: [ "x_refsource_MISC", ], url: "https://www.cs.bu.edu/~goldbe/NTPattack.html", }, { name: "SUSE-SU:2016:2094", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { name: "FEDORA-2016-34bc10a2c8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { name: "1034670", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034670", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", }, { name: "77312", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77312", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FreeBSD-SA-16:02", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", }, { name: "openSUSE-SU:2016:1292", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", }, { name: "SUSE-SU:2016:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.ntp.org/bin/view/Main/NtpBug2956", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", }, { name: "SUSE-SU:2016:1175", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20171004-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-5300", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1930", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1930.html", }, { name: "SUSE-SU:2016:1912", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { name: "[slackware-security] 20160223 ntp (SSA:2016-054-04)", refsource: "MLIST", url: "http://seclists.org/bugtraq/2016/Feb/164", }, { name: "openSUSE-SU:2016:1423", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "USN-2783-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2783-1", }, { name: "SUSE-SU:2016:1177", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01", }, { name: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", refsource: "CONFIRM", url: "http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1271076", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=swg21980676", }, { name: "https://support.citrix.com/article/CTX220112", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX220112", }, { name: "FEDORA-2015-77bfbc1bcd", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { name: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", refsource: "CONFIRM", url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428", }, { name: "FEDORA-2015-f5f5ec7b6b", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html", }, { name: "DSA-3388", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", refsource: "CONFIRM", url: "https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc", }, { name: "https://www.cs.bu.edu/~goldbe/NTPattack.html", refsource: "MISC", url: "https://www.cs.bu.edu/~goldbe/NTPattack.html", }, { name: "SUSE-SU:2016:2094", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { name: "FEDORA-2016-34bc10a2c8", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { name: "1034670", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034670", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073", }, { name: "77312", refsource: "BID", url: "http://www.securityfocus.com/bid/77312", }, { name: "SUSE-SU:2016:1311", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FreeBSD-SA-16:02", refsource: "FREEBSD", url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=swg21979393", }, { name: "openSUSE-SU:2016:1292", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264", }, { name: "SUSE-SU:2016:1247", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885", }, { name: "https://bto.bluecoat.com/security-advisory/sa113", refsource: "CONFIRM", url: "https://bto.bluecoat.com/security-advisory/sa113", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983501", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821", }, { name: "http://support.ntp.org/bin/view/Main/NtpBug2956", refsource: "CONFIRM", url: "http://support.ntp.org/bin/view/Main/NtpBug2956", }, { name: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", refsource: "CONFIRM", url: "https://www-01.ibm.com/support/docview.wss?uid=swg21983506", }, { name: "SUSE-SU:2016:1175", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { name: "https://security.netapp.com/advisory/ntap-20171004-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20171004-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5300", datePublished: "2017-07-21T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.519Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-4343 (GCVE-0-2014-4343)
Vulnerability from cvelistv5
Published
2014-08-14 01:00
Modified
2024-08-06 11:12
Severity ?
EPSS score ?
Summary
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:12:35.140Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "61052", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61052", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60448", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", }, { name: "FEDORA-2014-8189", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { name: "69159", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/69159", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "GLSA-201412-53", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { name: "109390", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/109390", }, { name: "kerberos-cve20144343-dos(95211)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59102", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-21T00:00:00", descriptions: [ { lang: "en", value: "Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "61052", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61052", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60448", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", }, { name: "FEDORA-2014-8189", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { name: "69159", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/69159", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "GLSA-201412-53", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { name: "109390", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/109390", }, { name: "kerberos-cve20144343-dos(95211)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59102", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-4343", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { name: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "61052", refsource: "SECUNIA", url: "http://secunia.com/advisories/61052", }, { name: "RHSA-2015:0439", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", refsource: "SECUNIA", url: "http://secunia.com/advisories/60448", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", }, { name: "FEDORA-2014-8189", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { name: "69159", refsource: "BID", url: "http://www.securityfocus.com/bid/69159", }, { name: "DSA-3000", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "GLSA-201412-53", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { name: "109390", refsource: "OSVDB", url: "http://www.osvdb.org/109390", }, { name: "kerberos-cve20144343-dos(95211)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { name: "1030706", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", refsource: "SECUNIA", url: "http://secunia.com/advisories/60082", }, { name: "http://advisories.mageia.org/MGASA-2014-0345.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { name: "59102", refsource: "SECUNIA", url: "http://secunia.com/advisories/59102", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-4343", datePublished: "2014-08-14T01:00:00", dateReserved: "2014-06-20T00:00:00", dateUpdated: "2024-08-06T11:12:35.140Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7547 (GCVE-0-2015-7547)
Vulnerability from cvelistv5
Published
2016-02-18 21:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1035020", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035020", }, { name: "HPSBGN03582", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=146161017210491&w=2", }, { name: "SUSE-SU-2016:0471", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html", }, { name: "RHSA-2016:0175", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0175.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=18665", }, { name: "HPSBGN03551", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145857691004892&w=2", }, { name: "RHSA-2016:0225", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0225.html", }, { name: "FEDORA-2016-0f9e9a34ce", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161", }, { name: "DSA-3481", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3481", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "openSUSE-SU-2016:0510", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html", }, { name: "USN-2900-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-2900-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { name: "RHSA-2016:0277", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0277.html", }, { name: "openSUSE-SU-2016:0511", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160217-0002/", }, { name: "SUSE-SU-2016:0470", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/len_5450", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2017-08", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0002.html", }, { name: "HPSBGN03549", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145672440608228&w=2", }, { name: "83265", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/83265", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", }, { name: "GLSA-201602-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201602-02", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937", }, { name: "HPSBGN03547", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145596041017029&w=2", }, { name: "SUSE-SU-2016:0472", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html", }, { name: "40339", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40339/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa114", }, { name: "[libc-alpha] 20160216 [PATCH] CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html", }, { name: "SUSE-SU-2016:0473", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html", }, { name: "RHSA-2016:0176", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { name: "FEDORA-2016-0480defc94", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html", }, { name: "openSUSE-SU-2016:0512", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404", }, { name: "DSA-3480", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3480", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01", }, { name: "39454", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39454/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.citrix.com/article/CTX206991", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en", }, { name: "VU#457759", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/457759", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/articles/2161461", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, { name: "HPSBGN03442", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145690841819314&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { name: "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17", }, { name: "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-07-13T00:00:00", descriptions: [ { lang: "en", value: "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-20T18:06:34", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1035020", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035020", }, { name: "HPSBGN03582", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=146161017210491&w=2", }, { name: "SUSE-SU-2016:0471", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html", }, { name: "RHSA-2016:0175", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0175.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=18665", }, { name: "HPSBGN03551", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145857691004892&w=2", }, { name: "RHSA-2016:0225", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0225.html", }, { name: "FEDORA-2016-0f9e9a34ce", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161", }, { name: "DSA-3481", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3481", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "openSUSE-SU-2016:0510", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html", }, { name: "USN-2900-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-2900-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", }, { name: "RHSA-2016:0277", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0277.html", }, { name: "openSUSE-SU-2016:0511", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html", }, { tags: [ "x_refsource_MISC", ], url: "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20160217-0002/", }, { name: "SUSE-SU-2016:0470", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/len_5450", }, { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2017-08", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2016-0002.html", }, { name: "HPSBGN03549", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145672440608228&w=2", }, { name: "83265", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/83265", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", }, { name: "GLSA-201602-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201602-02", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937", }, { name: "HPSBGN03547", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145596041017029&w=2", }, { name: "SUSE-SU-2016:0472", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html", }, { name: "40339", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40339/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bto.bluecoat.com/security-advisory/sa114", }, { name: "[libc-alpha] 20160216 [PATCH] CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html", }, { name: "SUSE-SU-2016:0473", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html", }, { name: "RHSA-2016:0176", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { name: "FEDORA-2016-0480defc94", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html", }, { name: "openSUSE-SU-2016:0512", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404", }, { name: "DSA-3480", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3480", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01", }, { name: "39454", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39454/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.citrix.com/article/CTX206991", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en", }, { name: "VU#457759", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/457759", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/articles/2161461", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, { name: "HPSBGN03442", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145690841819314&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/7", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, { name: "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17", }, { name: "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7547", datePublished: "2016-02-18T21:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5261 (GCVE-0-2015-5261)
Vulnerability from cvelistv5
Published
2016-06-07 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1890.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2015/10/06/4 | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201606-05 | vendor-advisory, x_refsource_GENTOO | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1261889 | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-2766-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html | mailing-list, x_refsource_MLIST | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1889.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2015/dsa-3371 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securitytracker.com/id/1033753 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.985Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1890", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { name: "[oss-security] 20151006 Fwd: [vs-plain] CVE-2015-5261", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/10/06/4", }, { name: "GLSA-201606-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1261889", }, { name: "USN-2766-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2766-1", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "RHSA-2015:1889", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { name: "DSA-3371", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3371", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033753", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-06T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-15T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1890", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { name: "[oss-security] 20151006 Fwd: [vs-plain] CVE-2015-5261", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/10/06/4", }, { name: "GLSA-201606-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1261889", }, { name: "USN-2766-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2766-1", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "RHSA-2015:1889", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { name: "DSA-3371", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3371", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033753", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5261", datePublished: "2016-06-07T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.985Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8108 (GCVE-0-2014-8108)
Vulnerability from cvelistv5
Published
2014-12-18 15:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
References
| ▼ | URL | Tags |
|---|---|---|
| http://subversion.apache.org/security/CVE-2014-8108-advisory.txt | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0166.html | vendor-advisory, x_refsource_REDHAT | |
| https://support.apple.com/HT204427 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/71725 | vdb-entry, x_refsource_BID | |
| http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html | vendor-advisory, x_refsource_APPLE | |
| http://secunia.com/advisories/61131 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/USN-2721-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:50.164Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT204427", }, { name: "71725", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/71725", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "61131", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-17T00:00:00", descriptions: [ { lang: "en", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT204427", }, { name: "71725", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/71725", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "61131", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-8108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", refsource: "CONFIRM", url: "http://subversion.apache.org/security/CVE-2014-8108-advisory.txt", }, { name: "RHSA-2015:0166", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { name: "https://support.apple.com/HT204427", refsource: "CONFIRM", url: "https://support.apple.com/HT204427", }, { name: "71725", refsource: "BID", url: "http://www.securityfocus.com/bid/71725", }, { name: "APPLE-SA-2015-03-09-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "61131", refsource: "SECUNIA", url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-8108", datePublished: "2014-12-18T15:00:00", dateReserved: "2014-10-10T00:00:00", dateUpdated: "2024-08-06T13:10:50.164Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7497 (GCVE-0-2015-7497)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.144Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { name: "79508", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79508", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { name: "79508", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79508", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7497", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.144Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3698 (GCVE-0-2016-3698)
Vulnerability from cvelistv5
Published
2016-06-13 19:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f | x_refsource_CONFIRM | |
| https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3581 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/05/17/9 | mailing-list, x_refsource_MLIST | |
| http://www.ubuntu.com/usn/USN-2980-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://rhn.redhat.com/errata/RHSA-2016-1086.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:03:34.474Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", }, { name: "DSA-3581", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3581", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "[oss-security] 20160517 RHSA-2016:1086 libndp: denial of service due to insufficient validation of source of NDP messages", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/17/9", }, { name: "USN-2980-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2980-1", }, { name: "RHSA-2016:1086", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1086.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-17T00:00:00", descriptions: [ { lang: "en", value: "libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-09-30T13:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839", }, { name: "DSA-3581", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3581", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "[oss-security] 20160517 RHSA-2016:1086 libndp: denial of service due to insufficient validation of source of NDP messages", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/17/9", }, { name: "USN-2980-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2980-1", }, { name: "RHSA-2016:1086", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1086.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3698", datePublished: "2016-06-13T19:00:00", dateReserved: "2016-03-30T00:00:00", dateUpdated: "2024-08-06T00:03:34.474Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4455 (GCVE-0-2016-4455)
Vulnerability from cvelistv5
Published
2017-04-14 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1340525 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038083 | vdb-entry, x_refsource_SECTRACK | |
| http://www.openwall.com/lists/oss-security/2016/10/26/5 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/93926 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2016-2592.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/candlepin/subscription-manager/commit/9dec31 | x_refsource_CONFIRM | |
| https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2017-0698.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:25.441Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", }, { name: "1038083", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038083", }, { name: "[oss-security] 20161026 CVE-2016-4455: subscription-manager: incorrect permisions in /var/lib/rhsm/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/10/26/5", }, { name: "93926", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93926", }, { name: "RHSA-2016:2592", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2592.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/candlepin/subscription-manager/commit/9dec31", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", }, { name: "RHSA-2017:0698", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0698.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-26T00:00:00", descriptions: [ { lang: "en", value: "The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-14T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", }, { name: "1038083", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038083", }, { name: "[oss-security] 20161026 CVE-2016-4455: subscription-manager: incorrect permisions in /var/lib/rhsm/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/10/26/5", }, { name: "93926", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93926", }, { name: "RHSA-2016:2592", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2592.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/candlepin/subscription-manager/commit/9dec31", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", }, { name: "RHSA-2017:0698", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0698.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4455", datePublished: "2017-04-14T18:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:25.441Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4602 (GCVE-0-2015-4602)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69152 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75249 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.025Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1", }, { name: "75249", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75249", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1", }, { name: "75249", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75249", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4602", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "https://bugs.php.net/bug.php?id=69152", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=fb83c76deec58f1fab17c350f04c9f042e5977d1", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=fb83c76deec58f1fab17c350f04c9f042e5977d1", }, { name: "75249", refsource: "BID", url: "http://www.securityfocus.com/bid/75249", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4602", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.025Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3528 (GCVE-0-2014-3528)
Vulnerability from cvelistv5
Published
2014-08-19 18:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:16.884Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59432", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59432", }, { name: "USN-2316-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2316-1", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT204427", }, { name: "68995", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/68995", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "60722", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60722", }, { name: "openSUSE-SU-2014:1059", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-05", }, { name: "59584", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59584", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-08-14T00:00:00", descriptions: [ { lang: "en", value: "Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59432", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59432", }, { name: "USN-2316-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2316-1", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT204427", }, { name: "68995", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/68995", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "60722", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60722", }, { name: "openSUSE-SU-2014:1059", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-05", }, { name: "59584", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59584", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-3528", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59432", refsource: "SECUNIA", url: "http://secunia.com/advisories/59432", }, { name: "USN-2316-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2316-1", }, { name: "RHSA-2015:0166", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { name: "https://support.apple.com/HT204427", refsource: "CONFIRM", url: "https://support.apple.com/HT204427", }, { name: "68995", refsource: "BID", url: "http://www.securityfocus.com/bid/68995", }, { name: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", refsource: "CONFIRM", url: "http://subversion.apache.org/security/CVE-2014-3528-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "60722", refsource: "SECUNIA", url: "http://secunia.com/advisories/60722", }, { name: "openSUSE-SU-2014:1059", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00038.html", }, { name: "GLSA-201610-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-05", }, { name: "59584", refsource: "SECUNIA", url: "http://secunia.com/advisories/59584", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3528", datePublished: "2014-08-19T18:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:16.884Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3716 (GCVE-0-2016-3716)
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:03:34.426Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3716", datePublished: "2016-05-05T18:00:00", dateReserved: "2016-03-30T00:00:00", dateUpdated: "2024-08-06T00:03:34.426Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3412 (GCVE-0-2015-3412)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.php.net/bug.php?id=69353 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257 | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/75250 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69353", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75250", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75250", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-02T00:00:00", descriptions: [ { lang: "en", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69353", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75250", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75250", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3412", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "https://bugs.php.net/bug.php?id=69353", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69353", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75250", refsource: "BID", url: "http://www.securityfocus.com/bid/75250", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3412", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-04-24T00:00:00", dateUpdated: "2024-08-06T05:47:57.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4026 (GCVE-0-2015-4026)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68598", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032431", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "75056", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75056", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68598", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032431", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "75056", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75056", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4026", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "https://bugs.php.net/bug.php?id=68598", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68598", }, { name: "openSUSE-SU-2015:0993", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032431", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "75056", refsource: "BID", url: "http://www.securityfocus.com/bid/75056", }, { name: "FEDORA-2015-8281", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4026", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.379Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4021 (GCVE-0-2015-4021)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.980Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "74700", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74700", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032433", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69453", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "74700", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74700", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032433", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69453", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4021", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "74700", refsource: "BID", url: "http://www.securityfocus.com/bid/74700", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032433", }, { name: "https://bugs.php.net/bug.php?id=69453", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69453", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4021", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.980Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4147 (GCVE-0-2015-4147)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.978Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "73357", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73357", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-19T00:00:00", descriptions: [ { lang: "en", value: "The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a \"type confusion\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "73357", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73357", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a \"type confusion\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "73357", refsource: "BID", url: "http://www.securityfocus.com/bid/73357", }, { name: "https://bugs.php.net/bug.php?id=69085", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4147", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-06-01T00:00:00", dateUpdated: "2024-08-06T06:04:02.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9673 (GCVE-0-2014-9673)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=154", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=154", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9673", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=154", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=154", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9673", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0546 (GCVE-0-2016-0546)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.686Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "81066", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81066", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "81066", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81066", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", refsource: "CONFIRM", url: "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "81066", refsource: "BID", url: "http://www.securityfocus.com/bid/81066", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", refsource: "CONFIRM", url: "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", refsource: "CONFIRM", url: "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0546", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.686Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3329 (GCVE-0-2015-3329)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.783Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74240", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74240", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69441", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032145", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032145", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-16T00:00:00", descriptions: [ { lang: "en", value: "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74240", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74240", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69441", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032145", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032145", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3329", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74240", refsource: "BID", url: "http://www.securityfocus.com/bid/74240", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "https://bugs.php.net/bug.php?id=69441", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69441", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032145", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032145", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3329", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-04-17T00:00:00", dateUpdated: "2024-08-06T05:47:57.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0606 (GCVE-0-2016-0606)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.726Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0606", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0606", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.726Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4601 (GCVE-0-2015-4601)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75246 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.007Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { name: "75246", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75246", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { name: "75246", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75246", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4601", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { name: "75246", refsource: "BID", url: "http://www.securityfocus.com/bid/75246", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4601", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.007Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7166 (GCVE-0-2016-7166)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-1844.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/09/08/18 | mailing-list, x_refsource_MLIST | |
| https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0 | x_refsource_CONFIRM | |
| https://github.com/libarchive/libarchive/issues/660 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1347086 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-1850.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2016/09/08/15 | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201701-03 | vendor-advisory, x_refsource_GENTOO | |
| https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92901 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.528Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "[oss-security] 20160908 Re: CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/18", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/660", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "[oss-security] 20160908 CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/15", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", }, { name: "92901", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92901", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-19T00:00:00", descriptions: [ { lang: "en", value: "libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "[oss-security] 20160908 Re: CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/18", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/660", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "[oss-security] 20160908 CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/09/08/15", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", }, { name: "92901", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92901", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7166", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "[oss-security] 20160908 Re: CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/09/08/18", }, { name: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0", }, { name: "https://github.com/libarchive/libarchive/issues/660", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/660", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347086", }, { name: "RHSA-2016:1850", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "[oss-security] 20160908 CVE request: libarchive (pre 3.2.0) denial of service with gzip quine", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/09/08/15", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", refsource: "CONFIRM", url: "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362", }, { name: "92901", refsource: "BID", url: "http://www.securityfocus.com/bid/92901", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7166", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-09-08T00:00:00", dateUpdated: "2024-08-06T01:50:47.528Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8241 (GCVE-0-2014-8241)
Vulnerability from cvelistv5
Published
2016-12-14 22:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q4/278 | mailing-list, x_refsource_MLIST | |
| https://rhn.redhat.com/errata/RHSA-2015-2233.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1151312 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/70390 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2014/q4/300 | mailing-list, x_refsource_MLIST | |
| http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:51.088Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20141010 Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q4/278", }, { name: "RHSA-2015:2233", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2015-2233.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", }, { name: "70390", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70390", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "[oss-security] 20141011 Re: Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q4/300", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-10-10T00:00:00", descriptions: [ { lang: "en", value: "XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-15T21:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20141010 Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q4/278", }, { name: "RHSA-2015:2233", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2015-2233.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", }, { name: "70390", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70390", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "[oss-security] 20141011 Re: Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q4/300", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8241", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20141010 Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q4/278", }, { name: "RHSA-2015:2233", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2015-2233.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1151312", }, { name: "70390", refsource: "BID", url: "http://www.securityfocus.com/bid/70390", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "[oss-security] 20141011 Re: Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q4/300", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8241", datePublished: "2016-12-14T22:00:00", dateReserved: "2014-10-11T00:00:00", dateUpdated: "2024-08-06T13:10:51.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-4344 (GCVE-0-2014-4344)
Vulnerability from cvelistv5
Published
2014-08-14 01:00
Modified
2024-08-06 11:12
Severity ?
EPSS score ?
Summary
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:12:35.121Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { name: "kerberos-cve20144344-dos(95210)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60448", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { name: "FEDORA-2014-8189", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { name: "61051", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61051", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "69160", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/69160", }, { name: "109389", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/109389", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59102", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-21T00:00:00", descriptions: [ { lang: "en", value: "The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { name: "kerberos-cve20144344-dos(95210)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60448", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { name: "FEDORA-2014-8189", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { name: "61051", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61051", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "69160", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/69160", }, { name: "109389", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/109389", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59102", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-4344", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { name: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { name: "kerberos-cve20144344-dos(95210)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { name: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { name: "RHSA-2015:0439", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "60448", refsource: "SECUNIA", url: "http://secunia.com/advisories/60448", }, { name: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", refsource: "CONFIRM", url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { name: "FEDORA-2014-8189", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", }, { name: "61051", refsource: "SECUNIA", url: "http://secunia.com/advisories/61051", }, { name: "DSA-3000", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", }, { name: "MDVSA-2014:165", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "69160", refsource: "BID", url: "http://www.securityfocus.com/bid/69160", }, { name: "109389", refsource: "OSVDB", url: "http://www.osvdb.org/109389", }, { name: "1030706", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", refsource: "SECUNIA", url: "http://secunia.com/advisories/60082", }, { name: "http://advisories.mageia.org/MGASA-2014-0345.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", refsource: "SECUNIA", url: "http://secunia.com/advisories/59102", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-4344", datePublished: "2014-08-14T01:00:00", dateReserved: "2014-06-20T00:00:00", dateUpdated: "2024-08-06T11:12:35.121Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3640 (GCVE-0-2014-3640)
Vulnerability from cvelistv5
Published
2014-11-07 19:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2014/dsa-3045 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1144818 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0624.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-0349.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2014/dsa-3044 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html | mailing-list, x_refsource_MLIST | |
| http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html | mailing-list, x_refsource_MLIST | |
| http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html | mailing-list, x_refsource_MLIST | |
| http://www.ubuntu.com/usn/USN-2409-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:18.275Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3045", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3045", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1144818", }, { name: "RHSA-2015:0624", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0624.html", }, { name: "RHSA-2015:0349", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0349.html", }, { name: "DSA-3044", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3044", }, { name: "[Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html", }, { name: "[Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html", }, { name: "[Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html", }, { name: "USN-2409-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2409-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-18T00:00:00", descriptions: [ { lang: "en", value: "The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-3045", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3045", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1144818", }, { name: "RHSA-2015:0624", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0624.html", }, { name: "RHSA-2015:0349", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0349.html", }, { name: "DSA-3044", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3044", }, { name: "[Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html", }, { name: "[Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html", }, { name: "[Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html", }, { name: "USN-2409-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2409-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3640", datePublished: "2014-11-07T19:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:18.275Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9657 (GCVE-0-2014-9657)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=195", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=195", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9657", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=195", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=195", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9657", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.970Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0597 (GCVE-0-2016-0597)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "81151", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81151", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "81151", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81151", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0597", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "81151", refsource: "BID", url: "http://www.securityfocus.com/bid/81151", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0597", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.838Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0695 (GCVE-0-2016-0695)
Vulnerability from cvelistv5
Published
2016-04-21 10:00
Modified
2024-10-15 19:08
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:30:03.522Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2016:1222", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", }, { name: "RHSA-2016:0677", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0677.html", }, { name: "USN-2972-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2972-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1235", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", }, { name: "openSUSE-SU-2016:1262", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", }, { name: "RHSA-2016:0676", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0676.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160420-0001/", }, { name: "RHSA-2016:0723", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0723.html", }, { name: "RHSA-2016:0651", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0651.html", }, { name: "SUSE-SU-2016:1248", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", }, { name: "86438", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/86438", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", }, { name: "USN-2964-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2964-1", }, { name: "openSUSE-SU-2016:1230", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", }, { name: "GLSA-201606-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-18", }, { name: "1035596", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035596", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "openSUSE-SU-2016:1265", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", }, { name: "USN-2963-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2963-1", }, { name: "RHSA-2016:0675", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0675.html", }, { name: "SUSE-SU-2016:1250", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", }, { name: "RHSA-2016:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0679.html", }, { name: "DSA-3558", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0678", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0678.html", }, { name: "RHSA-2016:0650", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0650.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2016-0695", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T18:58:14.297955Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T19:08:50.079Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-04-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-09T10:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "openSUSE-SU-2016:1222", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", }, { name: "RHSA-2016:0677", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0677.html", }, { name: "USN-2972-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2972-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1235", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", }, { name: "openSUSE-SU-2016:1262", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", }, { name: "RHSA-2016:0676", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0676.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20160420-0001/", }, { name: "RHSA-2016:0723", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0723.html", }, { name: "RHSA-2016:0651", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0651.html", }, { name: "SUSE-SU-2016:1248", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", }, { name: "86438", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/86438", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", }, { name: "USN-2964-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2964-1", }, { name: "openSUSE-SU-2016:1230", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", }, { name: "GLSA-201606-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-18", }, { name: "1035596", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035596", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "openSUSE-SU-2016:1265", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", }, { name: "USN-2963-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2963-1", }, { name: "RHSA-2016:0675", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0675.html", }, { name: "SUSE-SU-2016:1250", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", }, { name: "RHSA-2016:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0679.html", }, { name: "DSA-3558", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0678", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0678.html", }, { name: "RHSA-2016:0650", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0650.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0695", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2016:1222", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", }, { name: "RHSA-2016:0677", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0677.html", }, { name: "USN-2972-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2972-1", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1235", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", }, { name: "openSUSE-SU-2016:1262", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", }, { name: "RHSA-2016:0676", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0676.html", }, { name: "https://security.netapp.com/advisory/ntap-20160420-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20160420-0001/", }, { name: "RHSA-2016:0723", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0723.html", }, { name: "RHSA-2016:0651", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0651.html", }, { name: "SUSE-SU-2016:1248", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", }, { name: "86438", refsource: "BID", url: "http://www.securityfocus.com/bid/86438", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10159", }, { name: "USN-2964-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2964-1", }, { name: "openSUSE-SU-2016:1230", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", }, { name: "GLSA-201606-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-18", }, { name: "1035596", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035596", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "openSUSE-SU-2016:1265", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", }, { name: "USN-2963-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2963-1", }, { name: "RHSA-2016:0675", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0675.html", }, { name: "SUSE-SU-2016:1250", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", }, { name: "RHSA-2016:0679", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0679.html", }, { name: "DSA-3558", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0678", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0678.html", }, { name: "RHSA-2016:0650", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0650.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0695", datePublished: "2016-04-21T10:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-10-15T19:08:50.079Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2109 (GCVE-0-2016-2109)
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.542Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { tags: [ "x_transferred", ], url: "https://source.android.com/security/bulletin/2017-07-01", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2016-18", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=c62981390d6cf9e3d612c489b8b77c2913b25807", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "87940", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/87940", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { url: "https://source.android.com/security/bulletin/2017-07-01", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { url: "https://www.tenable.com/security/tns-2016-18", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=c62981390d6cf9e3d612c489b8b77c2913b25807", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "87940", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/87940", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { url: "https://www.openssl.org/news/secadv/20160503.txt", }, { url: "https://support.apple.com/HT206903", }, { url: "https://bto.bluecoat.com/security-advisory/sa123", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2109", datePublished: "2016-05-05T00:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.542Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7050 (GCVE-0-2016-7050)
Vulnerability from cvelistv5
Published
2017-06-08 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2604.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1378613 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.432Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:2604", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2604.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-22T00:00:00", descriptions: [ { lang: "en", value: "SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-08T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2016:2604", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2604.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7050", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:2604", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2604.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1378613", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7050", datePublished: "2017-06-08T19:00:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:50:47.432Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4142 (GCVE-0-2015-4142)
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/05/31/6", }, { name: "FEDORA-2015-cfea96144a", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html", }, { name: "RHSA-2015:1439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1439.html", }, { name: "FEDORA-2015-6f16b5e39e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html", }, { name: "1032625", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032625", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", }, { name: "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/05/09/5", }, { name: "DSA-3397", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3397", }, { name: "GLSA-201606-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-17", }, { name: "USN-2650-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2650-1", }, { name: "FEDORA-2015-1521e91178", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html", }, { name: "openSUSE-SU-2015:1030", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html", }, { name: "RHSA-2015:1090", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT213258", }, { name: "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/34", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-04T00:00:00", descriptions: [ { lang: "en", value: "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-17T06:08:43", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/05/31/6", }, { name: "FEDORA-2015-cfea96144a", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html", }, { name: "RHSA-2015:1439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1439.html", }, { name: "FEDORA-2015-6f16b5e39e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html", }, { name: "1032625", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032625", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", }, { name: "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/05/09/5", }, { name: "DSA-3397", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3397", }, { name: "GLSA-201606-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-17", }, { name: "USN-2650-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2650-1", }, { name: "FEDORA-2015-1521e91178", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html", }, { name: "openSUSE-SU-2015:1030", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html", }, { name: "RHSA-2015:1090", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT213258", }, { name: "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/34", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4142", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/05/31/6", }, { name: "FEDORA-2015-cfea96144a", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html", }, { name: "RHSA-2015:1439", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1439.html", }, { name: "FEDORA-2015-6f16b5e39e", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html", }, { name: "1032625", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032625", }, { name: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", refsource: "CONFIRM", url: "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt", }, { name: "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/05/09/5", }, { name: "DSA-3397", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3397", }, { name: "GLSA-201606-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-17", }, { name: "USN-2650-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2650-1", }, { name: "FEDORA-2015-1521e91178", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html", }, { name: "openSUSE-SU-2015:1030", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html", }, { name: "RHSA-2015:1090", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, { name: "https://support.apple.com/kb/HT213258", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT213258", }, { name: "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/34", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4142", datePublished: "2015-06-15T15:00:00", dateReserved: "2015-05-31T00:00:00", dateUpdated: "2024-08-06T06:04:02.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7091 (GCVE-0-2016-7091)
Vulnerability from cvelistv5
Published
2016-12-22 21:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92615 | vdb-entry, x_refsource_BID | |
| https://rhn.redhat.com/errata/RHSA-2016-2593.html | vendor-advisory, x_refsource_REDHAT | |
| https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92615", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92615", }, { name: "RHSA-2016:2593", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-2593.html", }, { name: "[Bug-readline] 20160524 INPUTRC issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-24T00:00:00", descriptions: [ { lang: "en", value: "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-22T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "92615", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92615", }, { name: "RHSA-2016:2593", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-2593.html", }, { name: "[Bug-readline] 20160524 INPUTRC issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7091", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "92615", refsource: "BID", url: "http://www.securityfocus.com/bid/92615", }, { name: "RHSA-2016:2593", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2016-2593.html", }, { name: "[Bug-readline] 20160524 INPUTRC issues", refsource: "MLIST", url: "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7091", datePublished: "2016-12-22T21:00:00", dateReserved: "2016-08-25T00:00:00", dateUpdated: "2024-08-06T01:50:47.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4446 (GCVE-0-2016-4446)
Vulnerability from cvelistv5
Published
2017-04-11 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2016-1267.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1339250 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91427 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036144 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/oss-sec/2016/q2/575 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2016:1293 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:25.255Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", }, { name: "91427", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91427", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-21T00:00:00", descriptions: [ { lang: "en", value: "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-12T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", }, { name: "91427", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91427", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-4446", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1267", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", refsource: "CONFIRM", url: "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", }, { name: "91427", refsource: "BID", url: "http://www.securityfocus.com/bid/91427", }, { name: "1036144", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", refsource: "MLIST", url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1293", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4446", datePublished: "2017-04-11T18:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:25.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9666 (GCVE-0-2014-9666)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=167", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=167", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9666", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=167", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=167", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9666", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.949Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4300 (GCVE-0-2016-4300)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:25:14.068Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { name: "91326", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91326", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/718", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.talosintel.com/reports/TALOS-2016-0152/", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-19T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { name: "91326", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91326", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/718", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.talosintel.com/reports/TALOS-2016-0152/", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2016-4300", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", refsource: "MISC", url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { name: "91326", refsource: "BID", url: "http://www.securityfocus.com/bid/91326", }, { name: "https://github.com/libarchive/libarchive/issues/718", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/718", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "http://www.talosintel.com/reports/TALOS-2016-0152/", refsource: "MISC", url: "http://www.talosintel.com/reports/TALOS-2016-0152/", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573", }, { name: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", refsource: "CONFIRM", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00062&languageid=en-fr", }, { name: "DSA-3657", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3657", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1348439", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2016-4300", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-04-27T00:00:00", dateUpdated: "2024-08-06T00:25:14.068Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5234 (GCVE-0-2015-5234)
Vulnerability from cvelistv5
Published
2015-10-09 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2817-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securitytracker.com/id/1033780 | vdb-entry, x_refsource_SECTRACK | |
| http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2016-0778.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1233667 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2817-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "FEDORA-2015-15676", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-11T00:00:00", descriptions: [ { lang: "en", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-06T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2817-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "FEDORA-2015-15676", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-5234", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2817-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "FEDORA-2015-15676", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", refsource: "MLIST", url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233667", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5234", datePublished: "2015-10-09T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3068 (GCVE-0-2016-3068)
Vulnerability from cvelistv5
Published
2016-04-13 16:00
Modified
2024-08-05 23:40
Severity ?
EPSS score ?
Summary
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:40:15.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2016-79604dde9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1016", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { name: "RHSA-2016:0706", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2016:1011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "85733", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/85733", }, { name: "FEDORA-2016-b7f1f8e3bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { name: "openSUSE-SU-2016:1073", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-29T00:00:00", descriptions: [ { lang: "en", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2016-79604dde9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1016", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { name: "RHSA-2016:0706", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2016:1011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "85733", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/85733", }, { name: "FEDORA-2016-b7f1f8e3bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { name: "openSUSE-SU-2016:1073", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-3068", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2016-79604dde9f", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3542", }, { name: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/34d43cb85de8", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "openSUSE-SU-2016:1016", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { name: "RHSA-2016:0706", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { name: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", refsource: "CONFIRM", url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2016:1011", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "85733", refsource: "BID", url: "http://www.securityfocus.com/bid/85733", }, { name: "FEDORA-2016-b7f1f8e3bf", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { name: "openSUSE-SU-2016:1073", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3068", datePublished: "2016-04-13T16:00:00", dateReserved: "2016-03-10T00:00:00", dateUpdated: "2024-08-05T23:40:15.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8564 (GCVE-0-2014-8564)
Vulnerability from cvelistv5
Published
2014-11-13 15:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/59991 | third-party-advisory, x_refsource_SECUNIA | |
| http://rhn.redhat.com/errata/RHSA-2014-1846.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-2403-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://secunia.com/advisories/62294 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1161443 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/62284 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:18:48.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59991", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59991", }, { name: "RHSA-2014:1846", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1846.html", }, { name: "USN-2403-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2403-1", }, { name: "62294", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62294", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", }, { name: "62284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62284", }, { name: "openSUSE-SU-2014:1472", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-11-11T00:00:00", descriptions: [ { lang: "en", value: "The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-11-24T15:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "59991", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59991", }, { name: "RHSA-2014:1846", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1846.html", }, { name: "USN-2403-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2403-1", }, { name: "62294", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62294", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", }, { name: "62284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62284", }, { name: "openSUSE-SU-2014:1472", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8564", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59991", refsource: "SECUNIA", url: "http://secunia.com/advisories/59991", }, { name: "RHSA-2014:1846", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1846.html", }, { name: "USN-2403-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2403-1", }, { name: "62294", refsource: "SECUNIA", url: "http://secunia.com/advisories/62294", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1161443", }, { name: "62284", refsource: "SECUNIA", url: "http://secunia.com/advisories/62284", }, { name: "openSUSE-SU-2014:1472", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8564", datePublished: "2014-11-13T15:00:00", dateReserved: "2014-10-30T00:00:00", dateUpdated: "2024-08-06T13:18:48.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0600 (GCVE-0-2016-0600)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.760Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81188", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81188", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81188", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81188", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0600", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, { name: "81188", refsource: "BID", url: "http://www.securityfocus.com/bid/81188", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0600", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.760Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0616 (GCVE-0-2016-0616)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "81176", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81176", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "81176", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81176", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0616", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "81176", refsource: "BID", url: "http://www.securityfocus.com/bid/81176", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0616", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4148 (GCVE-0-2015-4148)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.977Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:1057", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "75103", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75103", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-02T00:00:00", descriptions: [ { lang: "en", value: "The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a \"type confusion\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:1057", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "75103", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75103", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a \"type confusion\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "1032459", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032459", }, { name: "[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2015/06/01/4", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "https://bugs.php.net/bug.php?id=69085", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69085", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1053", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:1057", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "75103", refsource: "BID", url: "http://www.securityfocus.com/bid/75103", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4148", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-06-01T00:00:00", dateUpdated: "2024-08-06T06:04:02.977Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0741 (GCVE-0-2016-0741)
Vulnerability from cvelistv5
Published
2016-04-19 21:00
Modified
2024-08-05 22:30
Severity ?
EPSS score ?
Summary
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fedorahosted.org/389/ticket/48412 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/ | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-0204.html | vendor-advisory, x_refsource_REDHAT | |
| http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/82343 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:30:04.204Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/389/ticket/48412", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", }, { name: "RHSA-2016:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0204.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", }, { name: "82343", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/82343", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-25T00:00:00", descriptions: [ { lang: "en", value: "slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-10-07T17:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/389/ticket/48412", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", }, { name: "RHSA-2016:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0204.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", }, { name: "82343", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/82343", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-0741", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://fedorahosted.org/389/ticket/48412", refsource: "CONFIRM", url: "https://fedorahosted.org/389/ticket/48412", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", refsource: "CONFIRM", url: "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", }, { name: "RHSA-2016:0204", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0204.html", }, { name: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", refsource: "CONFIRM", url: "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", }, { name: "82343", refsource: "BID", url: "http://www.securityfocus.com/bid/82343", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-0741", datePublished: "2016-04-19T21:00:00", dateReserved: "2015-12-16T00:00:00", dateUpdated: "2024-08-05T22:30:04.204Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0758 (GCVE-0-2016-0758)
Vulnerability from cvelistv5
Published
2016-06-27 10:00
Modified
2024-08-05 22:30
Severity ?
EPSS score ?
Summary
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:30:04.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2979-4", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2979-4", }, { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "SUSE-SU-2016:2010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { name: "SUSE-SU-2016:2011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { name: "SUSE-SU-2016:2003", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { name: "SUSE-SU-2016:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { name: "RHSA-2016:1055", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1055.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1961", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { name: "SUSE-SU-2016:2001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "SUSE-SU-2016:2006", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { name: "[oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/12/9", }, { name: "SUSE-SU-2016:2014", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { name: "RHSA-2016:1033", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1033.html", }, { name: "openSUSE-SU-2016:1641", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1300257", }, { name: "SUSE-SU-2016:1672", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { name: "RHSA-2016:1051", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1051.html", }, { name: "SUSE-SU-2016:2009", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { name: "SUSE-SU-2016:2005", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { name: "SUSE-SU-2016:2007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { name: "90626", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/90626", }, { name: "SUSE-SU-2016:2000", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { name: "SUSE-SU-2016:1995", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "SUSE-SU-2016:2002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { name: "HPSBHF3548", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-01T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2979-4", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2979-4", }, { name: "SUSE-SU-2016:1690", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html", }, { name: "SUSE-SU-2016:2010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { name: "SUSE-SU-2016:2011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { name: "SUSE-SU-2016:2003", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa", }, { name: "SUSE-SU-2016:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { name: "RHSA-2016:1055", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1055.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1961", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { name: "SUSE-SU-2016:2001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "SUSE-SU-2016:2006", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { name: "[oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/12/9", }, { name: "SUSE-SU-2016:2014", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { name: "RHSA-2016:1033", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1033.html", }, { name: "openSUSE-SU-2016:1641", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1300257", }, { name: "SUSE-SU-2016:1672", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", }, { name: "RHSA-2016:1051", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1051.html", }, { name: "SUSE-SU-2016:2009", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { name: "SUSE-SU-2016:2005", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { name: "SUSE-SU-2016:2007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { name: "90626", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/90626", }, { name: "SUSE-SU-2016:2000", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { name: "SUSE-SU-2016:1995", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "SUSE-SU-2016:2002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { name: "HPSBHF3548", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-0758", datePublished: "2016-06-27T10:00:00", dateReserved: "2015-12-16T00:00:00", dateUpdated: "2024-08-05T22:30:04.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5388 (GCVE-0-2016-5388)
Vulnerability from cvelistv5
Published
2016-07-19 01:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:00:59.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1635", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1635", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { name: "VU#797896", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/797896", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "RHSA-2016:2045", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html", }, { name: "91818", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91818", }, { name: "openSUSE-SU-2016:2252", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", }, { name: "RHSA-2016:1624", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.apache.org/security/asf-httpoxy-response.txt", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://httpoxy.org/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "1036331", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036331", }, { name: "RHSA-2016:1636", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1636", }, { name: "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html", }, { name: "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { name: "[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E", }, { name: "[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E", }, { name: "[tomcat-users] 20200813 CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E", }, { name: "[tomcat-users] 20200813 Re: CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E", }, { name: "[tomcat-users] 20200814 Re: CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-18T00:00:00", descriptions: [ { lang: "en", value: "Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388\"; in other words, this is not a CVE ID for a vulnerability.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-14T10:06:04", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:1635", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1635", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", }, { name: "VU#797896", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/797896", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "RHSA-2016:2045", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html", }, { name: "91818", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91818", }, { name: "openSUSE-SU-2016:2252", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", }, { name: "RHSA-2016:1624", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.apache.org/security/asf-httpoxy-response.txt", }, { tags: [ "x_refsource_MISC", ], url: "https://httpoxy.org/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "1036331", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036331", }, { name: "RHSA-2016:1636", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1636", }, { name: "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html", }, { name: "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { name: "[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E", }, { name: "[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E", }, { name: "[tomcat-users] 20200813 CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E", }, { name: "[tomcat-users] 20200813 Re: CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E", }, { name: "[tomcat-users] 20200814 Re: CVE reporting discrepencies", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5388", datePublished: "2016-07-19T01:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:00:59.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7498 (GCVE-0-2015-7498)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.127Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "79548", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79548", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "79548", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79548", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7498", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.127Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-0236 (GCVE-0-2015-0236)
Vulnerability from cvelistv5
Published
2015-01-29 15:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.libvirt.org/2015/0001.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:070 | vendor-advisory, x_refsource_MANDRIVA | |
| http://advisories.mageia.org/MGASA-2015-0046.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html | vendor-advisory, x_refsource_SUSE | |
| http://secunia.com/advisories/62766 | third-party-advisory, x_refsource_SECUNIA | |
| http://rhn.redhat.com/errata/RHSA-2015-0323.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:035 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.ubuntu.com/usn/USN-2867-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.643Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://security.libvirt.org/2015/0001.html", }, { name: "MDVSA-2015:070", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0046.html", }, { name: "openSUSE-SU-2015:0225", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html", }, { name: "62766", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62766", }, { name: "RHSA-2015:0323", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { name: "MDVSA-2015:035", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:035", }, { name: "USN-2867-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-01-22T00:00:00", descriptions: [ { lang: "en", value: "libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-04-14T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://security.libvirt.org/2015/0001.html", }, { name: "MDVSA-2015:070", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0046.html", }, { name: "openSUSE-SU-2015:0225", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00028.html", }, { name: "62766", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62766", }, { name: "RHSA-2015:0323", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { name: "MDVSA-2015:035", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:035", }, { name: "USN-2867-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0236", datePublished: "2015-01-29T15:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7545 (GCVE-0-2016-7545)
Vulnerability from cvelistv5
Published
2017-01-19 20:00
Modified
2024-08-06 02:04
Severity ?
EPSS score ?
Summary
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2017-0536.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2016/09/25/1 | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/ | vendor-advisory, x_refsource_FEDORA | |
| http://rhn.redhat.com/errata/RHSA-2017-0535.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2702.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/93156 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037283 | vdb-entry, x_refsource_SECTRACK | |
| https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379 | x_refsource_CONFIRM | |
| https://marc.info/?l=selinux&m=147465160112766&w=2 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:04:54.960Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:0536", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0536.html", }, { name: "[oss-security] 20160925 CVE-2016-7545 -- SELinux sandbox escape", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/09/25/1", }, { name: "FEDORA-2016-b7e8e980ef", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/", }, { name: "RHSA-2017:0535", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0535.html", }, { name: "RHSA-2016:2702", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2702.html", }, { name: "93156", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93156", }, { name: "1037283", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037283", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", }, { name: "[selinux] 20160923 [PATCH 2/2] sandbox: create a new session for sandboxed processes", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://marc.info/?l=selinux&m=147465160112766&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-23T00:00:00", descriptions: [ { lang: "en", value: "SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2017:0536", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0536.html", }, { name: "[oss-security] 20160925 CVE-2016-7545 -- SELinux sandbox escape", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/09/25/1", }, { name: "FEDORA-2016-b7e8e980ef", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/", }, { name: "RHSA-2017:0535", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0535.html", }, { name: "RHSA-2016:2702", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2702.html", }, { name: "93156", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93156", }, { name: "1037283", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037283", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", }, { name: "[selinux] 20160923 [PATCH 2/2] sandbox: create a new session for sandboxed processes", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://marc.info/?l=selinux&m=147465160112766&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7545", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:0536", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0536.html", }, { name: "[oss-security] 20160925 CVE-2016-7545 -- SELinux sandbox escape", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/09/25/1", }, { name: "FEDORA-2016-b7e8e980ef", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPRNK3PWMAVNJZ53YW5GOEOGJSFNAQIF/", }, { name: "RHSA-2017:0535", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0535.html", }, { name: "RHSA-2016:2702", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2702.html", }, { name: "93156", refsource: "BID", url: "http://www.securityfocus.com/bid/93156", }, { name: "1037283", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037283", }, { name: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", refsource: "CONFIRM", url: "https://github.com/SELinuxProject/selinux/commit/acca96a135a4d2a028ba9b636886af99c0915379", }, { name: "[selinux] 20160923 [PATCH 2/2] sandbox: create a new session for sandboxed processes", refsource: "MLIST", url: "https://marc.info/?l=selinux&m=147465160112766&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7545", datePublished: "2017-01-19T20:00:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T02:04:54.960Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7500 (GCVE-0-2015-7500)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.191Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "79562", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79562", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206166", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "79562", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79562", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206166", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7500", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.191Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8169 (GCVE-0-2014-8169)
Vulnerability from cvelistv5
Published
2015-03-18 16:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2579-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://rhn.redhat.com/errata/RHSA-2015-1344.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1192565 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/bid/73211 | vdb-entry, x_refsource_BID | |
| https://bugzilla.suse.com/show_bug.cgi?id=917977 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:51.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2579-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2579-1", }, { name: "RHSA-2015:1344", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1344.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1192565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "openSUSE-SU-2015:0475", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html", }, { name: "73211", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73211", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=917977", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-02T00:00:00", descriptions: [ { lang: "en", value: "automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2579-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2579-1", }, { name: "RHSA-2015:1344", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1344.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1192565", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "openSUSE-SU-2015:0475", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00033.html", }, { name: "73211", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73211", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=917977", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-8169", datePublished: "2015-03-18T16:00:00", dateReserved: "2014-10-10T00:00:00", dateUpdated: "2024-08-06T13:10:51.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4599 (GCVE-0-2015-4599)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75251 | vdb-entry, x_refsource_BID | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69152 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.031Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75251", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75251", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4599", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75251", refsource: "BID", url: "http://www.securityfocus.com/bid/75251", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "https://bugs.php.net/bug.php?id=69152", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=51856a76f87ecb24fe1385342be43610fb6c86e4", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=51856a76f87ecb24fe1385342be43610fb6c86e4", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4599", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.031Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4445 (GCVE-0-2016-4445)
Vulnerability from cvelistv5
Published
2017-04-11 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2016-1267.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1339183 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91430 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036144 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/oss-sec/2016/q2/575 | mailing-list, x_refsource_MLIST | |
| https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:25.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", }, { name: "91430", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91430", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-22T00:00:00", descriptions: [ { lang: "en", value: "The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-12T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", }, { name: "91430", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91430", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-4445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1267", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1339183", }, { name: "91430", refsource: "BID", url: "http://www.securityfocus.com/bid/91430", }, { name: "1036144", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", refsource: "MLIST", url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", refsource: "CONFIRM", url: "https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4445", datePublished: "2017-04-11T18:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:25.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3580 (GCVE-0-2014-3580)
Vulnerability from cvelistv5
Published
2014-12-18 15:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2014/dsa-3107 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2015-0166.html | vendor-advisory, x_refsource_REDHAT | |
| https://support.apple.com/HT204427 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/71726 | vdb-entry, x_refsource_BID | |
| http://subversion.apache.org/security/CVE-2014-3580-advisory.txt | x_refsource_CONFIRM | |
| http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html | vendor-advisory, x_refsource_APPLE | |
| http://rhn.redhat.com/errata/RHSA-2015-0165.html | vendor-advisory, x_refsource_REDHAT | |
| http://secunia.com/advisories/61131 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/USN-2721-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:17.546Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3107", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3107", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT204427", }, { name: "71726", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/71726", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "61131", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-17T00:00:00", descriptions: [ { lang: "en", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-22T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-3107", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3107", }, { name: "RHSA-2015:0166", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT204427", }, { name: "71726", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/71726", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "61131", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-3580", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3107", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3107", }, { name: "RHSA-2015:0166", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0166.html", }, { name: "https://support.apple.com/HT204427", refsource: "CONFIRM", url: "https://support.apple.com/HT204427", }, { name: "71726", refsource: "BID", url: "http://www.securityfocus.com/bid/71726", }, { name: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", refsource: "CONFIRM", url: "http://subversion.apache.org/security/CVE-2014-3580-advisory.txt", }, { name: "APPLE-SA-2015-03-09-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Mar/msg00003.html", }, { name: "RHSA-2015:0165", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0165.html", }, { name: "61131", refsource: "SECUNIA", url: "http://secunia.com/advisories/61131", }, { name: "USN-2721-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2721-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3580", datePublished: "2014-12-18T15:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:17.546Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0505 (GCVE-0-2016-0505)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "81088", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81088", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "81088", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81088", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0505", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "81088", refsource: "BID", url: "http://www.securityfocus.com/bid/81088", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0505", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.348Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4603 (GCVE-0-2015-4603)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69152 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/75252 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.026Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75252", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75252", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75252", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75252", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4603", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a \"type confusion\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "https://bugs.php.net/bug.php?id=69152", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "75252", refsource: "BID", url: "http://www.securityfocus.com/bid/75252", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4603", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.026Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-7300 (GCVE-0-2014-7300)
Vulnerability from cvelistv5
Published
2014-12-25 21:00
Modified
2024-08-06 12:47
Severity ?
EPSS score ?
Summary
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0535.html | vendor-advisory, x_refsource_REDHAT | |
| https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378 | x_refsource_CONFIRM | |
| https://bugzilla.gnome.org/show_bug.cgi?id=737456 | x_refsource_CONFIRM | |
| http://openwall.com/lists/oss-security/2014/09/29/17 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:47:32.779Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", }, { name: "RHSA-2015:0535", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0535.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", }, { name: "[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2014/09/29/17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-29T00:00:00", descriptions: [ { lang: "en", value: "GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-03-16T12:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", }, { name: "RHSA-2015:0535", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0535.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", }, { name: "[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2014/09/29/17", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7300", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", refsource: "CONFIRM", url: "https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013", }, { name: "RHSA-2015:0535", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0535.html", }, { name: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", refsource: "CONFIRM", url: "https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=737456", }, { name: "[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2014/09/29/17", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7300", datePublished: "2014-12-25T21:00:00", dateReserved: "2014-10-02T00:00:00", dateUpdated: "2024-08-06T12:47:32.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5195 (GCVE-0-2015-5195)
Vulnerability from cvelistv5
Published
2017-07-21 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:07.979Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254544", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { name: "76474", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76474", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { name: "FEDORA-2015-14213", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-01-05T00:00:00", descriptions: [ { lang: "en", value: "ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-17T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254544", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { name: "76474", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76474", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { name: "FEDORA-2015-14213", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5195", datePublished: "2017-07-21T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:07.979Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3069 (GCVE-0-2016-3069)
Vulnerability from cvelistv5
Published
2016-04-13 16:00
Modified
2024-08-05 23:40
Severity ?
EPSS score ?
Summary
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:40:15.576Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2016-79604dde9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", }, { name: "openSUSE-SU-2016:1016", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", }, { name: "RHSA-2016:0706", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", }, { name: "SUSE-SU-2016:1011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "FEDORA-2016-b7f1f8e3bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", }, { name: "openSUSE-SU-2016:1073", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-29T00:00:00", descriptions: [ { lang: "en", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2016-79604dde9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3542", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", }, { name: "openSUSE-SU-2016:1016", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", }, { name: "RHSA-2016:0706", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", }, { name: "SUSE-SU-2016:1011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "FEDORA-2016-b7f1f8e3bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", }, { name: "openSUSE-SU-2016:1073", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-3069", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2016-79604dde9f", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html", }, { name: "GLSA-201612-19", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201612-19", }, { name: "DSA-3542", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3542", }, { name: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/b732e7f2aba4", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/197eed39e3d5", }, { name: "openSUSE-SU-2016:1016", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html", }, { name: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/cdda7b96afff", }, { name: "RHSA-2016:0706", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0706.html", }, { name: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", refsource: "CONFIRM", url: "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/80cac1de6aea", }, { name: "SUSE-SU-2016:1011", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html", }, { name: "SUSE-SU-2016:1010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html", }, { name: "FEDORA-2016-b7f1f8e3bf", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html", }, { name: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", refsource: "CONFIRM", url: "https://selenic.com/repo/hg-stable/rev/ae279d4a19e9", }, { name: "openSUSE-SU-2016:1073", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3069", datePublished: "2016-04-13T16:00:00", dateReserved: "2016-03-10T00:00:00", dateUpdated: "2024-08-05T23:40:15.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4024 (GCVE-0-2015-4024)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.812Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74903", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74903", }, { name: "1032432", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032432", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69364", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74903", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74903", }, { name: "1032432", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032432", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69364", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4024", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74903", refsource: "BID", url: "http://www.securityfocus.com/bid/74903", }, { name: "1032432", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032432", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "openSUSE-SU-2015:0993", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { name: "https://bugs.php.net/bug.php?id=69364", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69364", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4024", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3149 (GCVE-0-2015-3149)
Vulnerability from cvelistv5
Published
2017-07-25 18:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75933 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1213365 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1228.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:31.606Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "75933", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75933", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1213365", }, { name: "RHSA-2015:1228", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-20T00:00:00", descriptions: [ { lang: "en", value: "The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-25T17:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "75933", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75933", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1213365", }, { name: "RHSA-2015:1228", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3149", datePublished: "2017-07-25T18:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:31.606Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9670 (GCVE-0-2014-9670)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.552Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=158", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=158", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9670", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://code.google.com/p/google-security-research/issues/detail?id=158", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=158", }, { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9670", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.552Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5418 (GCVE-0-2016-5418)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:00:59.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", }, { name: "RHSA-2016:1852", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1852", }, { name: "RHSA-2016:1853", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1853", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/746", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "93165", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93165", }, { name: "[oss-security] 20160809 FreeBSD update components vulns (libarchive, bsdiff, portsnap)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/08/09/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-09T00:00:00", descriptions: [ { lang: "en", value: "The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", }, { name: "RHSA-2016:1852", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1852", }, { name: "RHSA-2016:1853", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1853", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", ], url: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/746", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "93165", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93165", }, { name: "[oss-security] 20160809 FreeBSD update components vulns (libarchive, bsdiff, portsnap)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/08/09/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-5418", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362601", }, { name: "RHSA-2016:1852", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1852", }, { name: "RHSA-2016:1853", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1853", }, { name: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9", }, { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", refsource: "MISC", url: "https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f", }, { name: "https://github.com/libarchive/libarchive/issues/746", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/746", }, { name: "RHSA-2016:1850", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "93165", refsource: "BID", url: "http://www.securityfocus.com/bid/93165", }, { name: "[oss-security] 20160809 FreeBSD update components vulns (libarchive, bsdiff, portsnap)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/08/09/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5418", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:00:59.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-5689 (GCVE-0-2012-5689)
Vulnerability from cvelistv5
Published
2013-01-25 11:00
Modified
2024-08-06 21:14
Severity ?
EPSS score ?
Summary
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.isc.org/article/AA-00855/ | x_refsource_CONFIRM | |
| http://www.isc.org/software/bind/advisories/cve-2012-5689 | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-2693-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://rhn.redhat.com/errata/RHSA-2013-0550.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:14:16.416Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-00855/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.isc.org/software/bind/advisories/cve-2012-5689", }, { name: "USN-2693-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2693-1", }, { name: "RHSA-2013:0550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0550.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-24T00:00:00", descriptions: [ { lang: "en", value: "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-08-24T13:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-00855/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.isc.org/software/bind/advisories/cve-2012-5689", }, { name: "USN-2693-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2693-1", }, { name: "RHSA-2013:0550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0550.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-5689", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.isc.org/article/AA-00855/", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-00855/", }, { name: "http://www.isc.org/software/bind/advisories/cve-2012-5689", refsource: "CONFIRM", url: "http://www.isc.org/software/bind/advisories/cve-2012-5689", }, { name: "USN-2693-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2693-1", }, { name: "RHSA-2013:0550", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2013-0550.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-5689", datePublished: "2013-01-25T11:00:00", dateReserved: "2012-10-29T00:00:00", dateUpdated: "2024-08-06T21:14:16.416Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9661 (GCVE-0-2014-9661)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.921Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=187", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=187", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9661", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=187", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=187", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9661", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.921Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3717 (GCVE-0-2016-3717)
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:03:34.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3717", datePublished: "2016-05-05T18:00:00", dateReserved: "2016-03-30T00:00:00", dateUpdated: "2024-08-06T00:03:34.448Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-9636 (GCVE-0-2016-9636)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2016/dsa-3724 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0019.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2975.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2016/dsa-3723 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0020.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/94499 | vdb-entry, x_refsource_BID | |
| https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/11/24/2 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.gnome.org/show_bug.cgi?id=774834 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201705-10 | vendor-advisory, x_refsource_GENTOO | |
| https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:59:03.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-23T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9636", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3724", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", refsource: "BID", url: "http://www.securityfocus.com/bid/94499", }, { name: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", refsource: "CONFIRM", url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201705-10", }, { name: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", refsource: "MISC", url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9636", datePublished: "2017-01-27T22:01:00", dateReserved: "2016-11-23T00:00:00", dateUpdated: "2024-08-06T02:59:03.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4600 (GCVE-0-2015-4600)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69152 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/74413 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.080Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74413", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74413", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74413", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74413", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4600", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8", }, { name: "https://bugs.php.net/bug.php?id=69152", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69152", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74413", refsource: "BID", url: "http://www.securityfocus.com/bid/74413", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4600", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.080Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4819 (GCVE-0-2015-4819)
Vulnerability from cvelistv5
Published
2015-10-21 21:00
Modified
2024-08-06 06:25
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:25:21.881Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "1033894", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033894", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "USN-2781-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2781-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { name: "77196", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77196", }, { name: "DSA-3385", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3385", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "RHSA-2015:1628", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "DSA-3377", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3377", }, { name: "FEDORA-2016-e30164d0a2", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-21T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "1033894", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033894", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "USN-2781-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2781-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { name: "77196", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77196", }, { name: "DSA-3385", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3385", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "RHSA-2015:1628", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "DSA-3377", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3377", }, { name: "FEDORA-2016-e30164d0a2", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2015-4819", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "1033894", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033894", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "USN-2781-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2781-1", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { name: "77196", refsource: "BID", url: "http://www.securityfocus.com/bid/77196", }, { name: "DSA-3385", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3385", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "RHSA-2015:1628", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "DSA-3377", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3377", }, { name: "FEDORA-2016-e30164d0a2", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2015-4819", datePublished: "2015-10-21T21:00:00", dateReserved: "2015-06-24T00:00:00", dateUpdated: "2024-08-06T06:25:21.881Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2106 (GCVE-0-2016-2106)
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.739Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "RHSA-2016:1648", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3f3582139fbb259a1c3cbb0a25236500a409bf26", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { tags: [ "x_transferred", ], url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { name: "89744", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/89744", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2016-18", }, { name: "RHSA-2016:1649", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "RHSA-2016:1650", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "RHSA-2016:1648", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3f3582139fbb259a1c3cbb0a25236500a409bf26", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { name: "89744", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/89744", }, { url: "https://www.tenable.com/security/tns-2016-18", }, { name: "RHSA-2016:1649", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "RHSA-2016:1650", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { url: "https://www.openssl.org/news/secadv/20160503.txt", }, { url: "https://support.apple.com/HT206903", }, { url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2106", datePublished: "2016-05-05T00:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5235 (GCVE-0-2015-5235)
Vulnerability from cvelistv5
Published
2015-10-09 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2817-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1233697 | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securitytracker.com/id/1033780 | vdb-entry, x_refsource_SECTRACK | |
| http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2016-0778.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.683Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2817-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", }, { name: "FEDORA-2015-15676", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-11T00:00:00", descriptions: [ { lang: "en", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-06T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2817-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", }, { name: "FEDORA-2015-15676", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-5235", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2817-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2817-1", }, { name: "openSUSE-SU-2015:1595", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1233697", }, { name: "FEDORA-2015-15676", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html", }, { name: "1033780", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033780", }, { name: "[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released", refsource: "MLIST", url: "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html", }, { name: "RHSA-2016:0778", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0778.html", }, { name: "FEDORA-2015-15677", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5235", datePublished: "2015-10-09T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.683Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0608 (GCVE-0-2016-0608)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.766Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "81226", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81226", }, { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "81226", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81226", }, { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0608", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "81226", refsource: "BID", url: "http://www.securityfocus.com/bid/81226", }, { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0608", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.766Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4598 (GCVE-0-2015-4598)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2015/dsa-3344 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2015-1219.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69719 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/75244 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.018Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "DSA-3344", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3344", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69719", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "75244", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75244", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "DSA-3344", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3344", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69719", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "75244", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75244", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "DSA-3344", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3344", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "https://bugs.php.net/bug.php?id=69719", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69719", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "75244", refsource: "BID", url: "http://www.securityfocus.com/bid/75244", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4598", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.018Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7981 (GCVE-0-2015-7981)
Vulnerability from cvelistv5
Published
2015-11-24 20:00
Modified
2024-08-06 08:06
Severity ?
EPSS score ?
Summary
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:06:31.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "77304", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77304", }, { name: "[oss-security] 20151026 CVE Requests for read out of bound in libpng", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/10/26/1", }, { name: "openSUSE-SU-2015:2136", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", }, { name: "FEDORA-2015-ec2ddd15d7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", }, { name: "GLSA-201611-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151026 Re: CVE Requests for read out of bound in libpng", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/10/26/3", }, { name: "FEDORA-2015-501493d853", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", }, { name: "RHSA-2016:1430", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "FEDORA-2015-1d87313b7c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", }, { name: "DSA-3399", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3399", }, { name: "RHSA-2015:2595", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2595.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "1034393", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034393", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/p/libpng/bugs/241/", }, { name: "openSUSE-SU-2015:2099", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", }, { name: "USN-2815-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2815-1", }, { name: "RHSA-2015:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2594.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-26T00:00:00", descriptions: [ { lang: "en", value: "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "77304", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77304", }, { name: "[oss-security] 20151026 CVE Requests for read out of bound in libpng", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/10/26/1", }, { name: "openSUSE-SU-2015:2136", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", }, { name: "FEDORA-2015-ec2ddd15d7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", }, { name: "GLSA-201611-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151026 Re: CVE Requests for read out of bound in libpng", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/10/26/3", }, { name: "FEDORA-2015-501493d853", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", }, { name: "RHSA-2016:1430", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "FEDORA-2015-1d87313b7c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", }, { name: "DSA-3399", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3399", }, { name: "RHSA-2015:2595", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2595.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "1034393", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034393", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/p/libpng/bugs/241/", }, { name: "openSUSE-SU-2015:2099", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", }, { name: "USN-2815-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2815-1", }, { name: "RHSA-2015:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2594.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-7981", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "77304", refsource: "BID", url: "http://www.securityfocus.com/bid/77304", }, { name: "[oss-security] 20151026 CVE Requests for read out of bound in libpng", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/10/26/1", }, { name: "openSUSE-SU-2015:2136", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", }, { name: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/", }, { name: "FEDORA-2015-ec2ddd15d7", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", }, { name: "GLSA-201611-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151026 Re: CVE Requests for read out of bound in libpng", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/10/26/3", }, { name: "FEDORA-2015-501493d853", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", }, { name: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/", }, { name: "RHSA-2016:1430", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "FEDORA-2015-1d87313b7c", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", }, { name: "DSA-3399", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3399", }, { name: "RHSA-2015:2595", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2595.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "1034393", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034393", }, { name: "http://sourceforge.net/p/libpng/bugs/241/", refsource: "CONFIRM", url: "http://sourceforge.net/p/libpng/bugs/241/", }, { name: "openSUSE-SU-2015:2099", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", }, { name: "USN-2815-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2815-1", }, { name: "RHSA-2015:2594", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2594.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-7981", datePublished: "2015-11-24T20:00:00", dateReserved: "2015-10-26T00:00:00", dateUpdated: "2024-08-06T08:06:31.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5405 (GCVE-0-2016-5405)
Vulnerability from cvelistv5
Published
2017-06-08 19:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1358865 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-2594.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2765.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/93884 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:00:59.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { name: "93884", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93884", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-21T00:00:00", descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-08T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { name: "93884", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93884", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5405", datePublished: "2017-06-08T19:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:00:59.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9660 (GCVE-0-2014-9660)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.943Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9660", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=188", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9660", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.943Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8540 (GCVE-0-2015-8540)
Vulnerability from cvelistv5
Published
2016-04-14 14:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:20:42.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", }, { name: "GLSA-201611-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/11/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", }, { name: "RHSA-2016:1430", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/10/6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", }, { name: "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/11/1", }, { name: "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/10/7", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", }, { name: "DSA-3443", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3443", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/p/libpng/bugs/244/", }, { name: "80592", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/80592", }, { name: "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/17/10", }, { name: "FEDORA-2015-3868cfa17b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html", }, { name: "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-12-10T00:00:00", descriptions: [ { lang: "en", value: "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-29T14:06:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", }, { name: "GLSA-201611-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/11/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", }, { name: "RHSA-2016:1430", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/10/6", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", }, { name: "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/11/1", }, { name: "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/10/7", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", }, { name: "DSA-3443", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3443", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/p/libpng/bugs/244/", }, { name: "80592", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/80592", }, { name: "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/17/10", }, { name: "FEDORA-2015-3868cfa17b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html", }, { name: "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8540", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", }, { name: "GLSA-201611-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201611-08", }, { name: "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/11/2", }, { name: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", refsource: "CONFIRM", url: "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", }, { name: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", }, { name: "RHSA-2016:1430", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1430", }, { name: "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/10/6", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", }, { name: "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/11/1", }, { name: "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/10/7", }, { name: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", refsource: "CONFIRM", url: "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", }, { name: "DSA-3443", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3443", }, { name: "http://sourceforge.net/p/libpng/bugs/244/", refsource: "CONFIRM", url: "http://sourceforge.net/p/libpng/bugs/244/", }, { name: "80592", refsource: "BID", url: "http://www.securityfocus.com/bid/80592", }, { name: "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/17/10", }, { name: "FEDORA-2015-3868cfa17b", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html", }, { name: "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", }, { name: "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8540", datePublished: "2016-04-14T14:00:00", dateReserved: "2015-12-10T00:00:00", dateUpdated: "2024-08-06T08:20:42.512Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2105 (GCVE-0-2016-2105)
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.709Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "89757", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/89757", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "RHSA-2016:1648", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=5b814481f3573fa9677f3a31ee51322e2a22ee6a", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { tags: [ "x_transferred", ], url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2016-18", }, { name: "RHSA-2016:1649", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "RHSA-2016:1650", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "89757", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/89757", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "DSA-3566", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1035721", }, { name: "RHSA-2016:1648", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1648.html", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=5b814481f3573fa9677f3a31ee51322e2a22ee6a", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { name: "openSUSE-SU-2016:1566", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { url: "https://source.android.com/security/bulletin/pixel/2017-11-01", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { url: "https://www.tenable.com/security/tns-2016-18", }, { name: "RHSA-2016:1649", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1649.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "RHSA-2016:1650", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1650.html", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { url: "https://www.openssl.org/news/secadv/20160503.txt", }, { url: "https://support.apple.com/HT206903", }, { url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2105", datePublished: "2016-05-05T00:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.709Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8136 (GCVE-0-2014-8136)
Vulnerability from cvelistv5
Published
2014-12-19 15:00
Modified
2024-08-06 13:10
Severity ?
EPSS score ?
Summary
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:070 | vendor-advisory, x_refsource_MANDRIVA | |
| http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html | vendor-advisory, x_refsource_SUSE | |
| http://secunia.com/advisories/61111 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html | vendor-advisory, x_refsource_SUSE | |
| http://advisories.mageia.org/MGASA-2015-0002.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0323.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:023 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.ubuntu.com/usn/USN-2867-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:10:51.064Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d", }, { name: "MDVSA-2015:070", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { name: "openSUSE-SU-2015:0006", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html", }, { name: "61111", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61111", }, { name: "openSUSE-SU-2015:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0002.html", }, { name: "RHSA-2015:0323", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { name: "MDVSA-2015:023", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:023", }, { name: "USN-2867-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-18T00:00:00", descriptions: [ { lang: "en", value: "The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-04-14T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d", }, { name: "MDVSA-2015:070", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:070", }, { name: "openSUSE-SU-2015:0006", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html", }, { name: "61111", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61111", }, { name: "openSUSE-SU-2015:0008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0002.html", }, { name: "RHSA-2015:0323", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0323.html", }, { name: "MDVSA-2015:023", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:023", }, { name: "USN-2867-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2867-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-8136", datePublished: "2014-12-19T15:00:00", dateReserved: "2014-10-10T00:00:00", dateUpdated: "2024-08-06T13:10:51.064Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-4342 (GCVE-0-2014-4342)
Vulnerability from cvelistv5
Published
2014-07-20 10:00
Modified
2024-08-06 11:12
Severity ?
EPSS score ?
Summary
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/68908 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0439.html | vendor-advisory, x_refsource_REDHAT | |
| http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2014/dsa-3000 | vendor-advisory, x_refsource_DEBIAN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/94903 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2014:165 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.securitytracker.com/id/1030706 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/60082 | third-party-advisory, x_refsource_SECUNIA | |
| http://advisories.mageia.org/MGASA-2014-0345.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/59102 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:12:35.134Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/68908", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59102", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-27T00:00:00", descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-19T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/68908", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59102", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-4342", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", refsource: "BID", url: "http://www.securityfocus.com/bid/68908", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", refsource: "SECUNIA", url: "http://secunia.com/advisories/60082", }, { name: "http://advisories.mageia.org/MGASA-2014-0345.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", refsource: "SECUNIA", url: "http://secunia.com/advisories/59102", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-4342", datePublished: "2014-07-20T10:00:00", dateReserved: "2014-06-20T00:00:00", dateUpdated: "2024-08-06T11:12:35.134Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5844 (GCVE-0-2016-5844)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:15:10.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/717", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91808", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91808", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/06/24/4", }, { name: "[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/06/23/6", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { name: "1036173", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036173", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-23T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/717", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91808", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91808", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/06/24/4", }, { name: "[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/06/23/6", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { name: "1036173", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036173", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-5844", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", }, { name: "https://github.com/libarchive/libarchive/issues/717", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/717", }, { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", refsource: "MISC", url: "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91808", refsource: "BID", url: "http://www.securityfocus.com/bid/91808", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/06/24/4", }, { name: "[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/06/23/6", }, { name: "RHSA-2016:1850", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3657", }, { name: "1036173", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036173", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-5844", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-06-23T00:00:00", dateUpdated: "2024-08-06T01:15:10.218Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8317 (GCVE-0-2015-8317)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:13:32.133Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-07-18-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", }, { name: "APPLE-SA-2016-07-18-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", }, { name: "APPLE-SA-2016-07-18-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206901", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "91826", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91826", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "APPLE-SA-2016-07-18-6", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", }, { name: "77681", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77681", }, { name: "[oss-security] 20151122 Re: Libxml2: Several out of bounds reads", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/22/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "[oss-security] 20151121 Libxml2: Several out of bounds reads", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/21/1", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206905", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206902", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206904", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206899", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-07-18-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", }, { name: "APPLE-SA-2016-07-18-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", }, { name: "APPLE-SA-2016-07-18-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206901", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "91826", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91826", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "APPLE-SA-2016-07-18-6", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", }, { name: "77681", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77681", }, { name: "[oss-security] 20151122 Re: Libxml2: Several out of bounds reads", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/22/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "[oss-security] 20151121 Libxml2: Several out of bounds reads", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/21/1", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206905", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206902", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206904", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206899", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8317", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2016:0106", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", }, { name: "DSA-3430", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-07-18-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", }, { name: "APPLE-SA-2016-07-18-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", }, { name: "APPLE-SA-2016-07-18-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", }, { name: "https://support.apple.com/HT206901", refsource: "CONFIRM", url: "https://support.apple.com/HT206901", }, { name: "RHSA-2016:1089", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=751603", }, { name: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", refsource: "CONFIRM", url: "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "91826", refsource: "BID", url: "http://www.securityfocus.com/bid/91826", }, { name: "USN-2834-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "APPLE-SA-2016-07-18-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "APPLE-SA-2016-07-18-6", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", }, { name: "1034243", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", refsource: "MISC", url: "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", }, { name: "HPSBGN03537", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", refsource: "CONFIRM", url: "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", }, { name: "77681", refsource: "BID", url: "http://www.securityfocus.com/bid/77681", }, { name: "[oss-security] 20151122 Re: Libxml2: Several out of bounds reads", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/22/3", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "[oss-security] 20151121 Libxml2: Several out of bounds reads", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/21/1", }, { name: "openSUSE-SU-2015:2372", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "https://support.apple.com/HT206905", refsource: "CONFIRM", url: "https://support.apple.com/HT206905", }, { name: "https://support.apple.com/HT206903", refsource: "CONFIRM", url: "https://support.apple.com/HT206903", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=751631", }, { name: "https://support.apple.com/HT206902", refsource: "CONFIRM", url: "https://support.apple.com/HT206902", }, { name: "https://support.apple.com/HT206904", refsource: "CONFIRM", url: "https://support.apple.com/HT206904", }, { name: "https://support.apple.com/HT206899", refsource: "CONFIRM", url: "https://support.apple.com/HT206899", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8317", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-11-22T00:00:00", dateUpdated: "2024-08-06T08:13:32.133Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4470 (GCVE-0-2016-4470)
Vulnerability from cvelistv5
Published
2016-06-27 10:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:25.328Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "SUSE-SU-2016:2010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { name: "SUSE-SU-2016:2011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { name: "USN-3054-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3054-1", }, { name: "SUSE-SU-2016:2003", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { name: "RHSA-2016:1657", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html", }, { name: "SUSE-SU-2016:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "USN-3051-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3051-1", }, { name: "RHSA-2016:2128", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html", }, { name: "SUSE-SU-2016:1961", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { name: "RHSA-2016:2133", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "SUSE-SU-2016:2001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "USN-3053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3053-1", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "SUSE-SU-2016:1998", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html", }, { name: "USN-3055-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3055-1", }, { name: "SUSE-SU-2016:2006", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { name: "USN-3056-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3056-1", }, { name: "USN-3052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3052-1", }, { name: "USN-3049-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3049-1", }, { name: "RHSA-2016:1541", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html", }, { name: "SUSE-SU-2016:2014", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { name: "SUSE-SU-2016:2018", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "RHSA-2016:1539", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036763", }, { name: "RHSA-2016:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html", }, { name: "RHSA-2016:2006", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html", }, { name: "SUSE-SU-2016:2009", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a", }, { name: "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/06/15/11", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716", }, { name: "USN-3050-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3050-1", }, { name: "SUSE-SU-2016:2005", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { name: "SUSE-SU-2016:2007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { name: "SUSE-SU-2016:1999", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html", }, { name: "SUSE-SU-2016:2000", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { name: "RHSA-2016:2076", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html", }, { name: "USN-3057-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3057-1", }, { name: "SUSE-SU-2016:1995", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { name: "RHSA-2016:2074", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "SUSE-SU-2016:2002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-15T00:00:00", descriptions: [ { lang: "en", value: "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "SUSE-SU-2016:2010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html", }, { name: "SUSE-SU-2016:2011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html", }, { name: "USN-3054-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3054-1", }, { name: "SUSE-SU-2016:2003", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html", }, { name: "RHSA-2016:1657", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html", }, { name: "SUSE-SU-2016:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "USN-3051-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3051-1", }, { name: "RHSA-2016:2128", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html", }, { name: "SUSE-SU-2016:1961", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html", }, { name: "RHSA-2016:2133", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "SUSE-SU-2016:2001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html", }, { name: "SUSE-SU-2016:1985", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html", }, { name: "USN-3053-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3053-1", }, { name: "openSUSE-SU-2016:2184", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", }, { name: "SUSE-SU-2016:1998", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html", }, { name: "USN-3055-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3055-1", }, { name: "SUSE-SU-2016:2006", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html", }, { name: "USN-3056-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3056-1", }, { name: "USN-3052-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3052-1", }, { name: "USN-3049-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3049-1", }, { name: "RHSA-2016:1541", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html", }, { name: "SUSE-SU-2016:2014", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html", }, { name: "SUSE-SU-2016:2018", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html", }, { name: "DSA-3607", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3607", }, { name: "RHSA-2016:1539", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036763", }, { name: "RHSA-2016:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html", }, { name: "RHSA-2016:2006", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html", }, { name: "SUSE-SU-2016:2009", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a", }, { name: "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/06/15/11", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716", }, { name: "USN-3050-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3050-1", }, { name: "SUSE-SU-2016:2005", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html", }, { name: "SUSE-SU-2016:2007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html", }, { name: "SUSE-SU-2016:1999", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html", }, { name: "SUSE-SU-2016:2000", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html", }, { name: "RHSA-2016:2076", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html", }, { name: "USN-3057-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3057-1", }, { name: "SUSE-SU-2016:1995", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html", }, { name: "RHSA-2016:2074", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html", }, { name: "SUSE-SU-2016:2105", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", }, { name: "SUSE-SU-2016:2002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a", }, { name: "SUSE-SU-2016:1937", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4470", datePublished: "2016-06-27T10:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:25.328Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-2783 (GCVE-0-2015-2783)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:24:38.930Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74239", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74239", }, { name: "1032146", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032146", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "SSRT102066", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69324", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "HPSBUX03337", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-16T00:00:00", descriptions: [ { lang: "en", value: "ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74239", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74239", }, { name: "1032146", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032146", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "SSRT102066", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69324", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "HPSBUX03337", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2783", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74239", refsource: "BID", url: "http://www.securityfocus.com/bid/74239", }, { name: "1032146", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032146", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "SSRT102066", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://bugs.php.net/bug.php?id=69324", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69324", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "HPSBUX03337", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2783", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-03-29T00:00:00", dateUpdated: "2024-08-06T05:24:38.930Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5260 (GCVE-0-2015-5260)
Vulnerability from cvelistv5
Published
2016-06-07 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1890.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.gentoo.org/glsa/201606-05 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2766-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html | mailing-list, x_refsource_MLIST | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1889.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1260822 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2015/dsa-3371 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securitytracker.com/id/1033753 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/77019 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.126Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1890", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { name: "GLSA-201606-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-05", }, { name: "USN-2766-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2766-1", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "RHSA-2015:1889", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1260822", }, { name: "DSA-3371", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3371", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033753", }, { name: "77019", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77019", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-06T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-15T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1890", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1890.html", }, { name: "GLSA-201606-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-05", }, { name: "USN-2766-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2766-1", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "RHSA-2015:1889", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1889.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1260822", }, { name: "DSA-3371", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3371", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033753", }, { name: "77019", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77019", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5260", datePublished: "2016-06-07T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.126Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5312 (GCVE-0-2015-5312)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.539Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206166", }, { name: "79536", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79536", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206166", }, { name: "79536", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79536", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5312", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.539Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1863 (GCVE-0-2015-1863)
Vulnerability from cvelistv5
Published
2015-04-28 14:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:54:16.337Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", }, { name: "DSA-3233", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3233", }, { name: "20150423 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/535353/100/0/threaded", }, { name: "USN-2577-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2577-1", }, { name: "openSUSE-SU-2015:0813", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html", }, { name: "20150424 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/Apr/82", }, { name: "74296", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74296", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", }, { name: "GLSA-201606-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-17", }, { name: "1032192", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032192", }, { name: "RHSA-2015:1090", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-22T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", }, { name: "DSA-3233", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3233", }, { name: "20150423 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/535353/100/0/threaded", }, { name: "USN-2577-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2577-1", }, { name: "openSUSE-SU-2015:0813", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html", }, { name: "20150424 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/Apr/82", }, { name: "74296", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74296", }, { tags: [ "x_refsource_MISC", ], url: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", }, { name: "GLSA-201606-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-17", }, { name: "1032192", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032192", }, { name: "RHSA-2015:1090", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-1863", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", refsource: "CONFIRM", url: "http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt", }, { name: "DSA-3233", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3233", }, { name: "20150423 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/535353/100/0/threaded", }, { name: "USN-2577-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2577-1", }, { name: "openSUSE-SU-2015:0813", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html", }, { name: "20150424 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/Apr/82", }, { name: "74296", refsource: "BID", url: "http://www.securityfocus.com/bid/74296", }, { name: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", refsource: "MISC", url: "http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19", }, { name: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html", }, { name: "GLSA-201606-17", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-17", }, { name: "1032192", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032192", }, { name: "RHSA-2015:1090", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1090.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-1863", datePublished: "2015-04-28T14:00:00", dateReserved: "2015-02-17T00:00:00", dateUpdated: "2024-08-06T04:54:16.337Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9664 (GCVE-0-2014-9664)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.941Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=183", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=183", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9664", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", }, { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=183", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=183", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9664", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.941Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4809 (GCVE-0-2016-4809)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 00:39
Severity ?
EPSS score ?
Summary
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/libarchive/libarchive/commit/fd7e0c02 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-1844.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/libarchive/libarchive/issues/705 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91813 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1347084 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-1850.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.gentoo.org/glsa/201701-03 | vendor-advisory, x_refsource_GENTOO | |
| http://www.debian.org/security/2016/dsa-3657 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:39:26.294Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/fd7e0c02", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/705", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91813", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3657", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-12T00:00:00", descriptions: [ { lang: "en", value: "The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/fd7e0c02", }, { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/705", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91813", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", }, { name: "RHSA-2016:1850", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3657", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-4809", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/libarchive/libarchive/commit/fd7e0c02", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/fd7e0c02", }, { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "https://github.com/libarchive/libarchive/issues/705", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/705", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "91813", refsource: "BID", url: "http://www.securityfocus.com/bid/91813", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", }, { name: "RHSA-2016:1850", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1850.html", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3657", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-4809", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-05-16T00:00:00", dateUpdated: "2024-08-06T00:39:26.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8241 (GCVE-0-2015-8241)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:13:32.137Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "77621", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77621", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-18T00:00:00", descriptions: [ { lang: "en", value: "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "77621", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77621", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8241", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:2550", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "openSUSE-SU-2016:0106", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { name: "DSA-3430", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "RHSA-2016:1089", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "77621", refsource: "BID", url: "http://www.securityfocus.com/bid/77621", }, { name: "USN-2834-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { name: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", refsource: "CONFIRM", url: "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", }, { name: "1034243", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "HPSBGN03537", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "openSUSE-SU-2015:2372", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=756263", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8241", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-11-18T00:00:00", dateUpdated: "2024-08-06T08:13:32.137Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5416 (GCVE-0-2016-5416)
Vulnerability from cvelistv5
Published
2017-06-08 19:00
Modified
2024-08-06 01:01
Severity ?
EPSS score ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99097 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2016-2594.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1349540 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-2765.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:01:00.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "99097", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/99097", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349540", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-23T00:00:00", descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-19T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "99097", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/99097", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349540", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5416", datePublished: "2017-06-08T19:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:01:00.717Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0636 (GCVE-0-2016-0636)
Vulnerability from cvelistv5
Published
2016-03-24 18:00
Modified
2024-10-15 19:23
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:0957", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html", }, { name: "RHSA-2016:0516", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0516.html", }, { name: "RHSA-2016:0515", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0515.html", }, { name: "RHSA-2016:0511", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0511.html", }, { name: "RHSA-2016:0512", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0512.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "GLSA-201610-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-08", }, { name: "openSUSE-SU-2016:0971", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html", }, { name: "openSUSE-SU-2016:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html", }, { name: "openSUSE-SU-2016:1005", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html", }, { name: "openSUSE-SU-2016:1042", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html", }, { name: "USN-2942-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2942-1", }, { name: "GLSA-201606-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-18", }, { name: "SUSE-SU-2016:0956", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html", }, { name: "85376", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/85376", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160328-0001/", }, { name: "openSUSE-SU-2016:1004", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html", }, { name: "SUSE-SU-2016:0959", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html", }, { name: "1035401", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035401", }, { name: "DSA-3558", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0513", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0513.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", }, { name: "RHSA-2016:0514", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0514.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2016-0636", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T18:55:47.208189Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T19:23:14.354Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-23T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-09T10:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:0957", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html", }, { name: "RHSA-2016:0516", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0516.html", }, { name: "RHSA-2016:0515", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0515.html", }, { name: "RHSA-2016:0511", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0511.html", }, { name: "RHSA-2016:0512", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0512.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "GLSA-201610-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-08", }, { name: "openSUSE-SU-2016:0971", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html", }, { name: "openSUSE-SU-2016:0983", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html", }, { name: "openSUSE-SU-2016:1005", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html", }, { name: "openSUSE-SU-2016:1042", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html", }, { name: "USN-2942-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2942-1", }, { name: "GLSA-201606-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-18", }, { name: "SUSE-SU-2016:0956", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html", }, { name: "85376", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/85376", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20160328-0001/", }, { name: "openSUSE-SU-2016:1004", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html", }, { name: "SUSE-SU-2016:0959", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html", }, { name: "1035401", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035401", }, { name: "DSA-3558", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0513", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0513.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", }, { name: "RHSA-2016:0514", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0514.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0636", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:0957", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html", }, { name: "RHSA-2016:0516", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0516.html", }, { name: "RHSA-2016:0515", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0515.html", }, { name: "RHSA-2016:0511", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0511.html", }, { name: "RHSA-2016:0512", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0512.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "GLSA-201610-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-08", }, { name: "openSUSE-SU-2016:0971", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html", }, { name: "openSUSE-SU-2016:0983", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html", }, { name: "openSUSE-SU-2016:1005", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html", }, { name: "openSUSE-SU-2016:1042", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html", }, { name: "USN-2942-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2942-1", }, { name: "GLSA-201606-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-18", }, { name: "SUSE-SU-2016:0956", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html", }, { name: "85376", refsource: "BID", url: "http://www.securityfocus.com/bid/85376", }, { name: "https://security.netapp.com/advisory/ntap-20160328-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20160328-0001/", }, { name: "openSUSE-SU-2016:1004", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html", }, { name: "SUSE-SU-2016:0959", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html", }, { name: "1035401", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035401", }, { name: "DSA-3558", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3558", }, { name: "RHSA-2016:0513", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0513.html", }, { name: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html", }, { name: "RHSA-2016:0514", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0514.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0636", datePublished: "2016-03-24T18:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-10-15T19:23:14.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9273 (GCVE-0-2014-9273)
Vulnerability from cvelistv5
Published
2014-12-08 16:00
Modified
2024-08-06 13:40
Severity ?
EPSS score ?
Summary
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:40:23.894Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201503-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-07", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", }, { name: "openSUSE-SU-2015:0189", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html", }, { name: "71279", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/71279", }, { name: "[oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/12/04/14", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", }, { name: "RHSA-2015:0301", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0301.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", }, { name: "[oss-security] 20141125 CVE request: missing checks for small-sized files in hivex", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/11/25/6", }, { name: "[Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html", }, { name: "RHSA-2015:1378", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1378.html", }, { name: "62792", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62792", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-10-29T00:00:00", descriptions: [ { lang: "en", value: "lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "GLSA-201503-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-07", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", }, { name: "openSUSE-SU-2015:0189", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html", }, { name: "71279", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/71279", }, { name: "[oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/12/04/14", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", }, { name: "RHSA-2015:0301", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0301.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", }, { name: "[oss-security] 20141125 CVE request: missing checks for small-sized files in hivex", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/11/25/6", }, { name: "[Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html", }, { name: "RHSA-2015:1378", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1378.html", }, { name: "62792", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62792", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-9273", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201503-07", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-07", }, { name: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", refsource: "CONFIRM", url: "https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705", }, { name: "openSUSE-SU-2015:0189", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-02/msg00005.html", }, { name: "71279", refsource: "BID", url: "http://www.securityfocus.com/bid/71279", }, { name: "[oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/12/04/14", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1167756", }, { name: "RHSA-2015:0301", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0301.html", }, { name: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", refsource: "CONFIRM", url: "https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb", }, { name: "[oss-security] 20141125 CVE request: missing checks for small-sized files in hivex", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/11/25/6", }, { name: "[Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives", refsource: "MLIST", url: "https://www.redhat.com/archives/libguestfs/2014-October/msg00235.html", }, { name: "RHSA-2015:1378", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1378.html", }, { name: "62792", refsource: "SECUNIA", url: "http://secunia.com/advisories/62792", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-9273", datePublished: "2014-12-08T16:00:00", dateReserved: "2014-12-04T00:00:00", dateUpdated: "2024-08-06T13:40:23.894Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-2787 (GCVE-0-2015-2787)
Vulnerability from cvelistv5
Published
2015-03-30 10:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:24:38.837Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", }, { name: "1032485", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032485", }, { name: "73431", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73431", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68976", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-03T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", }, { name: "1032485", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032485", }, { name: "73431", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73431", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68976", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2787", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", refsource: "CONFIRM", url: "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d", }, { name: "1032485", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032485", }, { name: "73431", refsource: "BID", url: "http://www.securityfocus.com/bid/73431", }, { name: "HPSBMU03409", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "USN-2572-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "https://bugs.php.net/bug.php?id=68976", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68976", }, { name: "RHSA-2015:1053", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2787", datePublished: "2015-03-30T10:00:00", dateReserved: "2015-03-29T00:00:00", dateUpdated: "2024-08-06T05:24:38.837Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4022 (GCVE-0-2015-4022)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.660Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69545", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032433", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74902", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74902", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69545", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032433", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74902", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74902", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4022", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "https://bugs.php.net/bug.php?id=69545", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69545", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "openSUSE-SU-2015:0993", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "1032433", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032433", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "74902", refsource: "BID", url: "http://www.securityfocus.com/bid/74902", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4022", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.660Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5157 (GCVE-0-2015-5157)
Vulnerability from cvelistv5
Published
2015-08-31 10:00
Modified
2024-08-06 06:32
Severity ?
EPSS score ?
Summary
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:32:32.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:0212", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0212.html", }, { name: "SUSE-SU-2015:2350", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2015:1727", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html", }, { name: "RHSA-2016:0715", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0715.html", }, { name: "USN-2689-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2689-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "USN-2690-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2690-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { name: "76005", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76005", }, { name: "USN-2691-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2691-1", }, { name: "SUSE-SU-2016:0354", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", }, { name: "SUSE-SU-2015:2339", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", }, { name: "SUSE-SU-2015:2108", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", }, { name: "USN-2688-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2688-1", }, { name: "RHSA-2016:0185", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0185.html", }, { name: "DSA-3313", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3313", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6", }, { name: "[oss-security] 20150722 Linux x86_64 NMI security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/07/22/7", }, { name: "RHSA-2016:0224", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0224.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { name: "USN-2687-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2687-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-07-22T00:00:00", descriptions: [ { lang: "en", value: "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:0212", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0212.html", }, { name: "SUSE-SU-2015:2350", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2015:1727", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html", }, { name: "RHSA-2016:0715", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0715.html", }, { name: "USN-2689-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2689-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "USN-2690-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2690-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { name: "76005", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76005", }, { name: "USN-2691-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2691-1", }, { name: "SUSE-SU-2016:0354", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", }, { name: "SUSE-SU-2015:2339", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", }, { name: "SUSE-SU-2015:2108", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", }, { name: "USN-2688-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2688-1", }, { name: "RHSA-2016:0185", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0185.html", }, { name: "DSA-3313", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3313", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6", }, { name: "[oss-security] 20150722 Linux x86_64 NMI security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/07/22/7", }, { name: "RHSA-2016:0224", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0224.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a", }, { name: "USN-2687-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2687-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5157", datePublished: "2015-08-31T10:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:32:32.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3099 (GCVE-0-2016-3099)
Vulnerability from cvelistv5
Published
2017-06-08 19:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1319052 | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183129.html | vendor-advisory, x_refsource_FEDORA | |
| http://rhn.redhat.com/errata/RHSA-2016-2602.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184345.html | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:56.955Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2016-85e9f2e3cd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319052", }, { name: "FEDORA-2016-8b28358b72", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183129.html", }, { name: "RHSA-2016:2602", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2602.html", }, { name: "FEDORA-2016-1eaaf1ed0f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184345.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-18T00:00:00", descriptions: [ { lang: "en", value: "mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-08T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2016-85e9f2e3cd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183102.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319052", }, { name: "FEDORA-2016-8b28358b72", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183129.html", }, { name: "RHSA-2016:2602", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2602.html", }, { name: "FEDORA-2016-1eaaf1ed0f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184345.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3099", datePublished: "2017-06-08T19:00:00", dateReserved: "2016-03-10T00:00:00", dateUpdated: "2024-08-05T23:47:56.955Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5410 (GCVE-0-2016-5410)
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 01:01
Severity ?
EPSS score ?
Summary
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/ | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/92481 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1360135 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201701-70 | vendor-advisory, x_refsource_GENTOO | |
| http://rhn.redhat.com/errata/RHSA-2016-2597.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2016/08/16/3 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:01:00.114Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", }, { name: "FEDORA-2016-4dedc6ec3d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/", }, { name: "FEDORA-2016-de55d2c2c9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/", }, { name: "92481", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92481", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", }, { name: "GLSA-201701-70", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-70", }, { name: "RHSA-2016:2597", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2597.html", }, { name: "[oss-security] 20160816 firewalld: Firewall configuration can be modified by any logged in user", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/08/16/3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-08-16T00:00:00", descriptions: [ { lang: "en", value: "firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-19T11:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", }, { name: "FEDORA-2016-4dedc6ec3d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/", }, { name: "FEDORA-2016-de55d2c2c9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/", }, { name: "92481", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92481", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", }, { name: "GLSA-201701-70", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-70", }, { name: "RHSA-2016:2597", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2597.html", }, { name: "[oss-security] 20160816 firewalld: Firewall configuration can be modified by any logged in user", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/08/16/3", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-5410", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", refsource: "CONFIRM", url: "http://www.firewalld.org/2016/08/firewalld-0-4-3-3-release", }, { name: "FEDORA-2016-4dedc6ec3d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/", }, { name: "FEDORA-2016-de55d2c2c9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/", }, { name: "92481", refsource: "BID", url: "http://www.securityfocus.com/bid/92481", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1360135", }, { name: "GLSA-201701-70", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-70", }, { name: "RHSA-2016:2597", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2597.html", }, { name: "[oss-security] 20160816 firewalld: Firewall configuration can be modified by any logged in user", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/08/16/3", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-5410", datePublished: "2017-04-19T14:00:00", dateReserved: "2016-06-10T00:00:00", dateUpdated: "2024-08-06T01:01:00.114Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-7145 (GCVE-0-2014-7145)
Vulnerability from cvelistv5
Published
2014-09-28 10:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2394-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.openwall.com/lists/oss-security/2014/09/22/4 | mailing-list, x_refsource_MLIST | |
| https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce | x_refsource_CONFIRM | |
| http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/69867 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-0102.html | vendor-advisory, x_refsource_REDHAT | |
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:40:19.126Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2394-1", }, { name: "[oss-security] 20140922 Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon / Linux kernel", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/09/22/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", }, { name: "69867", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/69867", }, { name: "RHSA-2015:0102", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0102.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-17T00:00:00", descriptions: [ { lang: "en", value: "The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-03-17T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "USN-2394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2394-1", }, { name: "[oss-security] 20140922 Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon / Linux kernel", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/09/22/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", }, { name: "69867", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/69867", }, { name: "RHSA-2015:0102", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0102.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7145", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2394-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2394-1", }, { name: "[oss-security] 20140922 Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon / Linux kernel", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/09/22/4", }, { name: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", refsource: "CONFIRM", url: "https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, { name: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", refsource: "CONFIRM", url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3", }, { name: "69867", refsource: "BID", url: "http://www.securityfocus.com/bid/69867", }, { name: "RHSA-2015:0102", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0102.html", }, { name: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", refsource: "CONFIRM", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=18f39e7be0121317550d03e267e3ebd4dbfbb3ce", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7145", datePublished: "2014-09-28T10:00:00", dateReserved: "2014-09-22T00:00:00", dateUpdated: "2024-08-06T12:40:19.126Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9663 (GCVE-0-2014-9663)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:02.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=184", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=184", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9663", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://code.google.com/p/google-security-research/issues/detail?id=184", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=184", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", }, { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9663", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:02.970Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4605 (GCVE-0-2015-4605)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.php.net/bug.php?id=68819 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75233 | vdb-entry, x_refsource_BID | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.210Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68819", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75233", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75233", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-21T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68819", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75233", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75233", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4605", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "https://bugs.php.net/bug.php?id=68819", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68819", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75233", refsource: "BID", url: "http://www.securityfocus.com/bid/75233", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4605", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.210Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-0867 (GCVE-0-2012-0867)
Vulnerability from cvelistv5
Published
2012-07-18 23:00
Modified
2024-08-06 18:38
Severity ?
EPSS score ?
Summary
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.postgresql.org/about/news/1377/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/49273 | third-party-advisory, x_refsource_SECUNIA | |
| http://rhn.redhat.com/errata/RHSA-2012-0678.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:026 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.postgresql.org/docs/9.0/static/release-9-0-7.html | x_refsource_CONFIRM | |
| http://www.postgresql.org/docs/8.4/static/release-8-4-11.html | x_refsource_CONFIRM | |
| http://www.debian.org/security/2012/dsa-2418 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.postgresql.org/docs/9.1/static/release-9-1-3.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T18:38:14.829Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.postgresql.org/about/news/1377/", }, { name: "49273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49273", }, { name: "RHSA-2012:0678", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0678.html", }, { name: "MDVSA-2012:026", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:026", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.postgresql.org/docs/9.0/static/release-9-0-7.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.postgresql.org/docs/8.4/static/release-8-4-11.html", }, { name: "DSA-2418", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2012/dsa-2418", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.postgresql.org/docs/9.1/static/release-9-1-3.html", }, { name: "openSUSE-SU-2012:1173", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-02-27T00:00:00", descriptions: [ { lang: "en", value: "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-07-25T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.postgresql.org/about/news/1377/", }, { name: "49273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49273", }, { name: "RHSA-2012:0678", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-0678.html", }, { name: "MDVSA-2012:026", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:026", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.postgresql.org/docs/9.0/static/release-9-0-7.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.postgresql.org/docs/8.4/static/release-8-4-11.html", }, { name: "DSA-2418", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2012/dsa-2418", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.postgresql.org/docs/9.1/static/release-9-1-3.html", }, { name: "openSUSE-SU-2012:1173", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-0867", datePublished: "2012-07-18T23:00:00", dateReserved: "2012-01-19T00:00:00", dateUpdated: "2024-08-06T18:38:14.829Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-6662 (GCVE-0-2012-6662)
Vulnerability from cvelistv5
Published
2014-11-24 16:00
Modified
2024-08-06 21:36
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/jquery/jquery/issues/2432 | x_refsource_MISC | |
| http://rhn.redhat.com/errata/RHSA-2015-0442.html | vendor-advisory, x_refsource_REDHAT | |
| http://bugs.jqueryui.com/ticket/8861 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/98697 | vdb-entry, x_refsource_XF | |
| http://seclists.org/oss-sec/2014/q4/616 | mailing-list, x_refsource_MLIST | |
| https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1462.html | vendor-advisory, x_refsource_REDHAT | |
| http://bugs.jqueryui.com/ticket/8859 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/71107 | vdb-entry, x_refsource_BID | |
| http://seclists.org/oss-sec/2014/q4/613 | mailing-list, x_refsource_MLIST | |
| https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:36:02.237Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/jquery/jquery/issues/2432", }, { name: "RHSA-2015:0442", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0442.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.jqueryui.com/ticket/8861", }, { name: "jqueryui-cve20126662-xss(98697)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", }, { name: "[oss-security] 20141114 Re: old CVE assignments for JQuery 1.10.0", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q4/616", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", }, { name: "RHSA-2015:1462", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1462.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.jqueryui.com/ticket/8859", }, { name: "71107", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/71107", }, { name: "[oss-security] 20141114 old CVE assignments for JQuery 1.10.0", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q4/613", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-11-27T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-13T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/jquery/jquery/issues/2432", }, { name: "RHSA-2015:0442", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0442.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.jqueryui.com/ticket/8861", }, { name: "jqueryui-cve20126662-xss(98697)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", }, { name: "[oss-security] 20141114 Re: old CVE assignments for JQuery 1.10.0", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q4/616", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", }, { name: "RHSA-2015:1462", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1462.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.jqueryui.com/ticket/8859", }, { name: "71107", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/71107", }, { name: "[oss-security] 20141114 old CVE assignments for JQuery 1.10.0", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q4/613", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-6662", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/jquery/jquery/issues/2432", refsource: "MISC", url: "https://github.com/jquery/jquery/issues/2432", }, { name: "RHSA-2015:0442", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0442.html", }, { name: "http://bugs.jqueryui.com/ticket/8861", refsource: "CONFIRM", url: "http://bugs.jqueryui.com/ticket/8861", }, { name: "jqueryui-cve20126662-xss(98697)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", }, { name: "[oss-security] 20141114 Re: old CVE assignments for JQuery 1.10.0", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q4/616", }, { name: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", refsource: "CONFIRM", url: "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", }, { name: "RHSA-2015:1462", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1462.html", }, { name: "http://bugs.jqueryui.com/ticket/8859", refsource: "CONFIRM", url: "http://bugs.jqueryui.com/ticket/8859", }, { name: "71107", refsource: "BID", url: "http://www.securityfocus.com/bid/71107", }, { name: "[oss-security] 20141114 old CVE assignments for JQuery 1.10.0", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q4/613", }, { name: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", refsource: "CONFIRM", url: "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-6662", datePublished: "2014-11-24T16:00:00", dateReserved: "2014-11-14T00:00:00", dateUpdated: "2024-08-06T21:36:02.237Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4025 (GCVE-0-2015-4025)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:02.539Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69418", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "74904", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74904", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032431", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-13T00:00:00", descriptions: [ { lang: "en", value: "PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69418", }, { name: "RHSA-2015:1219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "74904", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74904", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032431", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-4025", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "https://bugs.php.net/bug.php?id=69418", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69418", }, { name: "RHSA-2015:1219", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1219.html", }, { name: "74904", refsource: "BID", url: "http://www.securityfocus.com/bid/74904", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "DSA-3280", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3280", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "1032431", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032431", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "FEDORA-2015-8383", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", }, { name: "FEDORA-2015-8281", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", }, { name: "FEDORA-2015-8370", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-4025", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-05-18T00:00:00", dateUpdated: "2024-08-06T06:04:02.539Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-9635 (GCVE-0-2016-9635)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2016/dsa-3724 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0019.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2975.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2016/dsa-3723 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0020.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/94499 | vdb-entry, x_refsource_BID | |
| https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/11/24/2 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.gnome.org/show_bug.cgi?id=774834 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201705-10 | vendor-advisory, x_refsource_GENTOO | |
| https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:59:03.142Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-23T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9635", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3724", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", refsource: "BID", url: "http://www.securityfocus.com/bid/94499", }, { name: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", refsource: "CONFIRM", url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201705-10", }, { name: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", refsource: "MISC", url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9635", datePublished: "2017-01-27T22:01:00", dateReserved: "2016-11-23T00:00:00", dateUpdated: "2024-08-06T02:59:03.142Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4989 (GCVE-0-2016-4989)
Vulnerability from cvelistv5
Published
2017-04-11 18:00
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1346461 | x_refsource_CONFIRM | |
| https://rhn.redhat.com/errata/RHSA-2016-1267.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2016/q2/574 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2016:1293 | vendor-advisory, x_refsource_REDHAT | |
| http://securitytracker.com/id/1036144 | vdb-entry, x_refsource_SECTRACK | |
| https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:40.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", }, { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", }, { name: "[oss-security] 20160621 SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2016/q2/574", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id/1036144", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-21T00:00:00", descriptions: [ { lang: "en", value: "setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-11T17:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", }, { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", }, { name: "[oss-security] 20160621 SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2016/q2/574", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id/1036144", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-4989", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1346461", }, { name: "RHSA-2016:1267", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", refsource: "CONFIRM", url: "https://github.com/fedora-selinux/setroubleshoot/commit/e69378d7e82a503534d29c5939fa219341e8f2ad", }, { name: "[oss-security] 20160621 SELinux troubles", refsource: "MLIST", url: "http://seclists.org/oss-sec/2016/q2/574", }, { name: "RHSA-2016:1293", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { name: "1036144", refsource: "SECTRACK", url: "http://securitytracker.com/id/1036144", }, { name: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", refsource: "CONFIRM", url: "https://github.com/fedora-selinux/setroubleshoot/commit/dda55aa50db95a25f0d919c3a0d5871827cdc40f", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4989", datePublished: "2017-04-11T18:00:00", dateReserved: "2016-05-24T00:00:00", dateUpdated: "2024-08-06T00:46:40.199Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5273 (GCVE-0-2015-5273)
Vulnerability from cvelistv5
Published
2015-12-07 18:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-2505.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2015/12/01/1 | mailing-list, x_refsource_MLIST | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/78113 | vdb-entry, x_refsource_BID | |
| https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1262252 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.354Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2505", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { name: "[oss-security] 20151201 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "78113", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/78113", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e", }, { name: "FEDORA-2015-79c1758468", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262252", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-23T00:00:00", descriptions: [ { lang: "en", value: "The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-05T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2505", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { name: "[oss-security] 20151201 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "78113", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/78113", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e", }, { name: "FEDORA-2015-79c1758468", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262252", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5273", datePublished: "2015-12-07T18:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3247 (GCVE-0-2015-3247)
Vulnerability from cvelistv5
Published
2015-09-08 15:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2736-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.debian.org/security/2015/dsa-3354 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2015-1715.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securitytracker.com/id/1033460 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1033459 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1033753 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1714.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1713.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.149Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2736-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2736-1", }, { name: "DSA-3354", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3354", }, { name: "RHSA-2015:1715", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1715.html", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { name: "openSUSE-SU-2015:1566", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html", }, { name: "1033460", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033460", }, { name: "1033459", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033459", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033753", }, { name: "RHSA-2015:1714", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1714.html", }, { name: "RHSA-2015:1713", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-03T00:00:00", descriptions: [ { lang: "en", value: "Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-15T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2736-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2736-1", }, { name: "DSA-3354", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3354", }, { name: "RHSA-2015:1715", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1715.html", }, { name: "[Spice-devel] 20151006 Announcing spice 0.12.6", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html", }, { name: "openSUSE-SU-2015:1566", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html", }, { name: "1033460", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033460", }, { name: "1033459", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033459", }, { name: "1033753", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033753", }, { name: "RHSA-2015:1714", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1714.html", }, { name: "RHSA-2015:1713", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1713.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3247", datePublished: "2015-09-08T15:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:32.149Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3411 (GCVE-0-2015-3411)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.php.net/bug.php?id=69353 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257 | x_refsource_CONFIRM | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75255 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69353", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "75255", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75255", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-02T00:00:00", descriptions: [ { lang: "en", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69353", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "75255", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75255", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3411", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "https://bugs.php.net/bug.php?id=69353", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69353", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=4435b9142ff9813845d5c97ab29a5d637bedb257", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "75255", refsource: "BID", url: "http://www.securityfocus.com/bid/75255", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3411", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-04-24T00:00:00", dateUpdated: "2024-08-06T05:47:57.804Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-2348 (GCVE-0-2015-2348)
Vulnerability from cvelistv5
Published
2015-03-30 10:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:10:16.498Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69207", }, { name: "1032484", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032484", }, { name: "73434", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73434", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-09T00:00:00", descriptions: [ { lang: "en", value: "The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \\x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-29T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69207", }, { name: "1032484", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032484", }, { name: "73434", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73434", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \\x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "HPSBMU03409", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "HPSBMU03380", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "https://bugs.php.net/bug.php?id=69207", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69207", }, { name: "1032484", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032484", }, { name: "73434", refsource: "BID", url: "http://www.securityfocus.com/bid/73434", }, { name: "USN-2572-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "openSUSE-SU-2015:0684", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2348", datePublished: "2015-03-30T10:00:00", dateReserved: "2015-03-19T00:00:00", dateUpdated: "2024-08-06T05:10:16.498Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3715 (GCVE-0-2016-3715)
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2025-02-07 13:27
Severity ?
EPSS score ?
Summary
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:03:34.450Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "DSA-3746", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3746", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { name: "89852", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/89852", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2016-3715", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:27:17.433989Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-3715", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:27:28.864Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00.000Z", descriptions: [ { lang: "en", value: "The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "DSA-3746", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3746", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, { name: "89852", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/89852", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3715", datePublished: "2016-05-05T18:00:00.000Z", dateReserved: "2016-03-30T00:00:00.000Z", dateUpdated: "2025-02-07T13:27:28.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5194 (GCVE-0-2015-5194)
Vulnerability from cvelistv5
Published
2017-07-21 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.328Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU:2016:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA", }, { name: "76475", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76475", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254542", }, { name: "SUSE-SU:2016:2094", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-07-28T00:00:00", descriptions: [ { lang: "en", value: "The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-17T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "SUSE-SU:2016:1912", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA", }, { name: "76475", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76475", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1254542", }, { name: "SUSE-SU:2016:2094", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5194", datePublished: "2017-07-21T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.328Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8327 (GCVE-0-2015-8327)
Vulnerability from cvelistv5
Published
2015-12-17 19:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:13:32.694Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2831-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2831-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "78524", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/78524", }, { name: "[debian-printing] 20151126 cups-filters 1.2.0 released!", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-printing/2015/11/msg00020.html", }, { name: "USN-2831-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2831-2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", }, { name: "DSA-3429", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3429", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", }, { name: "RHSA-2016:0491", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-printing/2015/12/msg00001.html", }, { name: "openSUSE-SU-2016:0179", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html", }, { name: "DSA-3411", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3411", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-26T00:00:00", descriptions: [ { lang: "en", value: "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "USN-2831-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2831-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "78524", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/78524", }, { name: "[debian-printing] 20151126 cups-filters 1.2.0 released!", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-printing/2015/11/msg00020.html", }, { name: "USN-2831-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2831-2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", }, { name: "DSA-3429", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3429", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", }, { name: "RHSA-2016:0491", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-printing/2015/12/msg00001.html", }, { name: "openSUSE-SU-2016:0179", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html", }, { name: "DSA-3411", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3411", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8327", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "USN-2831-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2831-1", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "78524", refsource: "BID", url: "http://www.securityfocus.com/bid/78524", }, { name: "[debian-printing] 20151126 cups-filters 1.2.0 released!", refsource: "MLIST", url: "https://lists.debian.org/debian-printing/2015/11/msg00020.html", }, { name: "USN-2831-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2831-2", }, { name: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", refsource: "CONFIRM", url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS", }, { name: "DSA-3429", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3429", }, { name: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", refsource: "CONFIRM", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886", }, { name: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", refsource: "CONFIRM", url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406", }, { name: "RHSA-2016:0491", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!", refsource: "MLIST", url: "https://lists.debian.org/debian-printing/2015/12/msg00001.html", }, { name: "openSUSE-SU-2016:0179", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html", }, { name: "DSA-3411", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3411", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8327", datePublished: "2015-12-17T19:00:00", dateReserved: "2015-11-24T00:00:00", dateUpdated: "2024-08-06T08:13:32.694Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9669 (GCVE-0-2014-9669)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=163", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=163", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9669", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=163", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=163", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9669", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5277 (GCVE-0-2015-5277)
Vulnerability from cvelistv5
Published
2015-12-17 19:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.522Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-2985-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2985-2", }, { name: "RHSA-2015:2172", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2172.html", }, { name: "GLSA-201702-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201702-11", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "1034196", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034196", }, { name: "[libc-alpha] 20140909 The GNU C Library version 2.20 is now available", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html", }, { name: "78092", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/78092", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=17079", }, { name: "USN-2985-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2985-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262914", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-08T00:00:00", descriptions: [ { lang: "en", value: "The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-05T01:06:07", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "USN-2985-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2985-2", }, { name: "RHSA-2015:2172", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2172.html", }, { name: "GLSA-201702-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201702-11", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "1034196", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034196", }, { name: "[libc-alpha] 20140909 The GNU C Library version 2.20 is now available", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html", }, { name: "78092", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/78092", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://sourceware.org/bugzilla/show_bug.cgi?id=17079", }, { name: "USN-2985-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2985-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1262914", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Sep/7", }, { name: "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/7", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5277", datePublished: "2015-12-17T19:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.522Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4992 (GCVE-0-2016-4992)
Vulnerability from cvelistv5
Published
2017-06-08 19:00
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1347760 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-2594.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2765.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/389ds/389-ds-base/commit/0b932d4b926d46ac5060f02617330dc444e06da1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:40.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347760", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { tags: [ "x_transferred", ], url: "https://github.com/389ds/389-ds-base/commit/0b932d4b926d46ac5060f02617330dc444e06da1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-17T00:00:00", descriptions: [ { lang: "en", value: "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-18T15:43:14.631Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1347760", }, { name: "RHSA-2016:2594", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2594.html", }, { name: "RHSA-2016:2765", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2765.html", }, { url: "https://github.com/389ds/389-ds-base/commit/0b932d4b926d46ac5060f02617330dc444e06da1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4992", datePublished: "2017-06-08T19:00:00", dateReserved: "2016-05-24T00:00:00", dateUpdated: "2024-08-06T00:46:40.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-1703 (GCVE-0-2012-1703)
Vulnerability from cvelistv5
Published
2012-05-03 22:00
Modified
2024-08-06 19:08
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1462.html | vendor-advisory, x_refsource_REDHAT | |
| http://secunia.com/advisories/53372 | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-201308-06.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securitytracker.com/id?1026934 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/51309 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/53058 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/48890 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/49179 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | vendor-advisory, x_refsource_MANDRIVA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T19:08:38.219Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2012:1462", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1462.html", }, { name: "53372", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/53372", }, { name: "GLSA-201308-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201308-06.xml", }, { name: "1026934", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1026934", }, { name: "51309", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51309", }, { name: "53058", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/53058", }, { name: "48890", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/48890", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", }, { name: "49179", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49179", }, { name: "MDVSA-2013:150", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-04-17T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-06T21:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "RHSA-2012:1462", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2012-1462.html", }, { name: "53372", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/53372", }, { name: "GLSA-201308-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201308-06.xml", }, { name: "1026934", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1026934", }, { name: "51309", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51309", }, { name: "53058", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/53058", }, { name: "48890", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/48890", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", }, { name: "49179", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49179", }, { name: "MDVSA-2013:150", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2012-1703", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2012:1462", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2012-1462.html", }, { name: "53372", refsource: "SECUNIA", url: "http://secunia.com/advisories/53372", }, { name: "GLSA-201308-06", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201308-06.xml", }, { name: "1026934", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1026934", }, { name: "51309", refsource: "SECUNIA", url: "http://secunia.com/advisories/51309", }, { name: "53058", refsource: "BID", url: "http://www.securityfocus.com/bid/53058", }, { name: "48890", refsource: "SECUNIA", url: "http://secunia.com/advisories/48890", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", }, { name: "49179", refsource: "SECUNIA", url: "http://secunia.com/advisories/49179", }, { name: "MDVSA-2013:150", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2012-1703", datePublished: "2012-05-03T22:00:00", dateReserved: "2012-03-16T00:00:00", dateUpdated: "2024-08-06T19:08:38.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3315 (GCVE-0-2015-3315)
Vulnerability from cvelistv5
Published
2017-06-26 15:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1211835 | x_refsource_CONFIRM | |
| https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/04/16/12 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2015/04/14/4 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-1083.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68 | x_refsource_CONFIRM | |
| https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75117 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/44097/ | exploit, x_refsource_EXPLOIT-DB | |
| http://rhn.redhat.com/errata/RHSA-2015-1210.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:56.280Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", }, { name: "[oss-security] 20150416 Re: Problems in automatic crash analysis frameworks", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/04/16/12", }, { name: "[oss-security] 20150414 Problems in automatic crash analysis frameworks", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/04/14/4", }, { name: "RHSA-2015:1083", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", }, { name: "75117", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75117", }, { name: "44097", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/44097/", }, { name: "RHSA-2015:1210", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1210.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-14T00:00:00", descriptions: [ { lang: "en", value: "Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-18T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", }, { name: "[oss-security] 20150416 Re: Problems in automatic crash analysis frameworks", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/04/16/12", }, { name: "[oss-security] 20150414 Problems in automatic crash analysis frameworks", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/04/14/4", }, { name: "RHSA-2015:1083", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", }, { name: "75117", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75117", }, { name: "44097", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/44097/", }, { name: "RHSA-2015:1210", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1210.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3315", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1211835", }, { name: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", refsource: "CONFIRM", url: "https://github.com/abrt/abrt/commit/80408e9e24a1c10f85fd969e1853e0f192157f92", }, { name: "[oss-security] 20150416 Re: Problems in automatic crash analysis frameworks", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/04/16/12", }, { name: "[oss-security] 20150414 Problems in automatic crash analysis frameworks", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/04/14/4", }, { name: "RHSA-2015:1083", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1083.html", }, { name: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", refsource: "CONFIRM", url: "https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68", }, { name: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", refsource: "CONFIRM", url: "https://github.com/abrt/abrt/commit/d6e2f6f128cef4c21cb80941ae674c9842681aa7", }, { name: "75117", refsource: "BID", url: "http://www.securityfocus.com/bid/75117", }, { name: "44097", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/44097/", }, { name: "RHSA-2015:1210", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1210.html", }, { name: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", refsource: "CONFIRM", url: "https://github.com/abrt/abrt/commit/4f2c1ddd3e3b81d2d5146b883115371f1cada9f9", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3315", datePublished: "2017-06-26T15:00:00", dateReserved: "2015-04-16T00:00:00", dateUpdated: "2024-08-06T05:47:56.280Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3307 (GCVE-0-2015-3307)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/74703 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1223441 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| https://bugs.php.net/bug.php?id=69443 | x_refsource_CONFIRM | |
| http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html | vendor-advisory, x_refsource_APPLE | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT | |
| https://support.apple.com/kb/HT205031 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1066.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-1218.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.047Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74703", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74703", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69443", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-15T00:00:00", descriptions: [ { lang: "en", value: "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74703", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74703", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69443", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3307", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74703", refsource: "BID", url: "http://www.securityfocus.com/bid/74703", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1223441", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "https://bugs.php.net/bug.php?id=69443", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69443", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3307", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-04-15T00:00:00", dateUpdated: "2024-08-06T05:39:32.047Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-4604 (GCVE-0-2015-4604)
Vulnerability from cvelistv5
Published
2016-05-16 10:00
Modified
2024-08-06 06:18
Severity ?
EPSS score ?
Summary
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1187.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1032709 | vdb-entry, x_refsource_SECTRACK | |
| http://rhn.redhat.com/errata/RHSA-2015-1186.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.php.net/bug.php?id=68819 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75241 | vdb-entry, x_refsource_BID | |
| http://php.net/ChangeLog-5.php | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/06/16/12 | mailing-list, x_refsource_MLIST | |
| http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1135.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:18:12.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68819", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75241", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75241", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-01T00:00:00", descriptions: [ { lang: "en", value: "The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-21T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68819", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75241", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75241", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-4604", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "1032709", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032709", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "https://bugs.php.net/bug.php?id=68819", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68819", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "75241", refsource: "BID", url: "http://www.securityfocus.com/bid/75241", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "[oss-security] 20150616 Re: CVE Request: various issues in PHP", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/06/16/12", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-4604", datePublished: "2016-05-16T10:00:00", dateReserved: "2015-06-16T00:00:00", dateUpdated: "2024-08-06T06:18:12.112Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0609 (GCVE-0-2016-0609)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.681Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "81258", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81258", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "81258", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81258", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0609", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "81258", refsource: "BID", url: "http://www.securityfocus.com/bid/81258", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0609", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5229 (GCVE-0-2015-5229)
Vulnerability from cvelistv5
Published
2016-04-08 15:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1246713 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/84172 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1256285 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1293976 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-0176.html | vendor-advisory, x_refsource_REDHAT | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10150 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:07.992Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1246713", }, { name: "84172", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/84172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1256285", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293976", }, { name: "RHSA-2016:0176", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-16T00:00:00", descriptions: [ { lang: "en", value: "The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1246713", }, { name: "84172", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/84172", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1256285", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1293976", }, { name: "RHSA-2016:0176", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0176.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5229", datePublished: "2016-04-08T15:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:07.992Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5287 (GCVE-0-2015-5287)
Vulnerability from cvelistv5
Published
2015-12-07 18:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-2505.html | vendor-advisory, x_refsource_REDHAT | |
| https://www.exploit-db.com/exploits/38832/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.openwall.com/lists/oss-security/2015/12/01/1 | mailing-list, x_refsource_MLIST | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1266837 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/78137 | vdb-entry, x_refsource_BID | |
| https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:09.524Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2505", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { name: "38832", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/38832/", }, { name: "[oss-security] 20151201 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1266837", }, { name: "78137", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/78137", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-23T00:00:00", descriptions: [ { lang: "en", value: "The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-24T18:06:16", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2505", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2505.html", }, { name: "38832", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/38832/", }, { name: "[oss-security] 20151201 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/01/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1266837", }, { name: "78137", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/78137", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5287", datePublished: "2015-12-07T18:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:09.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5219 (GCVE-0-2015-5219)
Vulnerability from cvelistv5
Published
2017-07-21 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:08.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", }, { name: "openSUSE-SU:2016:3280", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", }, { name: "76473", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76473", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { name: "FEDORA-2015-14213", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-04-24T00:00:00", descriptions: [ { lang: "en", value: "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-15T20:35:47", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8", }, { name: "openSUSE-SU:2016:3280", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "USN-2783-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2783-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21986956", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21988706", }, { name: "RHSA-2016:2583", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2583.html", }, { name: "FEDORA-2015-77bfbc1bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg", }, { name: "RHSA-2016:0780", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0780.html", }, { name: "DSA-3388", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3388", }, { name: "[oss-security] 20150825 Several low impact ntp.org ntpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/08/25/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1255118", }, { name: "76473", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76473", }, { name: "SUSE-SU:2016:1311", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { name: "FEDORA-2015-14212", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21989542", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www-01.ibm.com/support/docview.wss?uid=swg21985122", }, { name: "FEDORA-2015-14213", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5219", datePublished: "2017-07-21T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:08.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4444 (GCVE-0-2016-4444)
Vulnerability from cvelistv5
Published
2017-04-11 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://rhn.redhat.com/errata/RHSA-2016-1267.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/91476 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036144 | vdb-entry, x_refsource_SECTRACK | |
| http://seclists.org/oss-sec/2016/q2/575 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2016:1293 | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1332644 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:32:24.728Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "91476", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91476", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-21T00:00:00", descriptions: [ { lang: "en", value: "The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-12T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:1267", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "91476", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91476", }, { name: "1036144", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-4444", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1267", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2016-1267.html", }, { name: "91476", refsource: "BID", url: "http://www.securityfocus.com/bid/91476", }, { name: "1036144", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036144", }, { name: "[oss-security] 20160621 Re: SELinux troubles", refsource: "MLIST", url: "http://seclists.org/oss-sec/2016/q2/575", }, { name: "RHSA-2016:1293", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1293", }, { name: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", refsource: "CONFIRM", url: "https://github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332644", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-4444", datePublished: "2017-04-11T18:00:00", dateReserved: "2016-05-02T00:00:00", dateUpdated: "2024-08-06T00:32:24.728Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7796 (GCVE-0-2016-7796)
Vulnerability from cvelistv5
Published
2016-10-13 14:00
Modified
2024-08-06 02:04
Severity ?
EPSS score ?
Summary
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/09/30/1 | mailing-list, x_refsource_MLIST | |
| https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet | x_refsource_MISC | |
| https://github.com/systemd/systemd/issues/4234#issuecomment-250441246 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html | vendor-advisory, x_refsource_SUSE | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1381911 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2017-0003.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securitytracker.com/id/1037320 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/93250 | vdb-entry, x_refsource_BID | |
| https://rhn.redhat.com/errata/RHBA-2015-2092.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:04:56.092Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20160930 Re: CVE Request: systemd v209+: local denial-of-service attack", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/09/30/1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", }, { name: "SUSE-SU-2016:2475", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", }, { name: "RHSA-2017:0003", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0003.html", }, { name: "SUSE-SU-2016:2476", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html", }, { name: "1037320", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037320", }, { name: "93250", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93250", }, { name: "RHBA-2015:2092", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHBA-2015-2092.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-09-28T00:00:00", descriptions: [ { lang: "en", value: "The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-27T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20160930 Re: CVE Request: systemd v209+: local denial-of-service attack", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/09/30/1", }, { tags: [ "x_refsource_MISC", ], url: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", }, { name: "SUSE-SU-2016:2475", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", }, { name: "RHSA-2017:0003", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0003.html", }, { name: "SUSE-SU-2016:2476", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html", }, { name: "1037320", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037320", }, { name: "93250", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93250", }, { name: "RHBA-2015:2092", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHBA-2015-2092.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7796", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20160930 Re: CVE Request: systemd v209+: local denial-of-service attack", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/09/30/1", }, { name: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", refsource: "MISC", url: "https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet", }, { name: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", refsource: "CONFIRM", url: "https://github.com/systemd/systemd/issues/4234#issuecomment-250441246", }, { name: "SUSE-SU-2016:2475", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1381911", }, { name: "RHSA-2017:0003", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0003.html", }, { name: "SUSE-SU-2016:2476", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html", }, { name: "1037320", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037320", }, { name: "93250", refsource: "BID", url: "http://www.securityfocus.com/bid/93250", }, { name: "RHBA-2015:2092", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHBA-2015-2092.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7796", datePublished: "2016-10-13T14:00:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T02:04:56.092Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6325 (GCVE-0-2016-6325)
Vulnerability from cvelistv5
Published
2016-10-13 14:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93478 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-2045.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2046.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2017-0457.html | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2017:0455 | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1367447 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:0456 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:18.293Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93478", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93478", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "RHSA-2016:2045", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { name: "RHSA-2017:0457", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { name: "RHSA-2017:0455", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { name: "RHSA-2017:0456", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0456", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-10T00:00:00", descriptions: [ { lang: "en", value: "The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "93478", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93478", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", }, { name: "RHSA-2016:2045", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2045.html", }, { name: "RHSA-2016:2046", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2046.html", }, { name: "RHSA-2017:0457", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html", }, { name: "RHSA-2017:0455", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:0455", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367447", }, { name: "RHSA-2017:0456", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:0456", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-6325", datePublished: "2016-10-13T14:00:00", dateReserved: "2016-07-26T00:00:00", dateUpdated: "2024-08-06T01:29:18.293Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9658 (GCVE-0-2014-9658)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:03.780Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=194", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=194", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9658", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=194", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=194", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9658", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:03.780Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2108 (GCVE-0-2016-2108)
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.714Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SSA:2016-124-01", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "DSA-3566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1035721", }, { tags: [ "x_transferred", ], url: "http://support.citrix.com/article/CTX212736", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2016-18", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "RHSA-2017:0194", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0194", }, { tags: [ "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { name: "RHSA-2017:0193", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:0193", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { tags: [ "x_transferred", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "89752", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/89752", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { name: "RHSA-2016:1137", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1137", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \"negative zero\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "SSA:2016-124-01", tags: [ "vendor-advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "RHSA-2016:2056", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { name: "openSUSE-SU-2016:1242", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", }, { name: "SUSE-SU-2016:1267", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "DSA-3566", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { name: "1035721", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1035721", }, { url: "http://support.citrix.com/article/CTX212736", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27", }, { name: "openSUSE-SU-2016:1239", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { name: "SUSE-SU-2016:1231", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { name: "openSUSE-SU-2016:1241", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { name: "SUSE-SU-2016:1360", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", }, { url: "https://www.tenable.com/security/tns-2016-18", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { name: "RHSA-2017:0194", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:0194", }, { url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { name: "RHSA-2017:0193", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:0193", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr", }, { url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "SUSE-SU-2016:1290", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", }, { name: "openSUSE-SU-2016:1273", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { url: "https://www.openssl.org/news/secadv/20160503.txt", }, { url: "https://support.apple.com/HT206903", }, { url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "89752", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/89752", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { name: "RHSA-2016:1137", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2016:1137", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2108", datePublished: "2016-05-05T00:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.714Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9671 (GCVE-0-2014-9671)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:03.991Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=157", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=157", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9671", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=157", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=157", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9671", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:03.991Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9675 (GCVE-0-2014-9675)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.532Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=151", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://source.android.com/security/bulletin/2016-11-01.html", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=151", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://source.android.com/security/bulletin/2016-11-01.html", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9675", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=151", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=151", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "https://source.android.com/security/bulletin/2016-11-01.html", refsource: "CONFIRM", url: "https://source.android.com/security/bulletin/2016-11-01.html", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9675", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.532Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7499 (GCVE-0-2015-7499)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:27.969Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { name: "79509", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79509", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206166", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-20T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206168", }, { name: "DSA-3430", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3430", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { name: "79509", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79509", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206166", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7499", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:27.969Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2107 (GCVE-0-2016-2107)
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.633Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "DSA-3566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us", }, { name: "1035721", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securitytracker.com/id/1035721", }, { tags: [ "x_transferred", ], url: "http://support.citrix.com/article/CTX212736", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { name: "openSUSE-SU-2016:1566", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { tags: [ "x_transferred", ], url: "https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2016-18", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { tags: [ "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { tags: [ "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "89760", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/89760", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { tags: [ "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { tags: [ "x_transferred", ], url: "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20160503.txt", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/HT206903", }, { tags: [ "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { name: "39768", tags: [ "exploit", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39768/", }, { tags: [ "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00", descriptions: [ { lang: "en", value: "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", }, { name: "SSA:2016-124-01", tags: [ "vendor-advisory", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103", }, { name: "openSUSE-SU-2016:1238", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", }, { name: "RHSA-2016:2073", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us", }, { name: "DSA-3566", tags: [ "vendor-advisory", ], url: "http://www.debian.org/security/2016/dsa-3566", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10160", }, { name: "openSUSE-SU-2016:1243", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", }, { name: "GLSA-201612-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/201612-16", }, { name: "SUSE-SU-2016:1228", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03728en_us", }, { name: "1035721", tags: [ "vdb-entry", ], url: "http://www.securitytracker.com/id/1035721", }, { url: "http://support.citrix.com/article/CTX212736", }, { name: "SUSE-SU-2016:1206", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", }, { name: "FEDORA-2016-1e39d934ed", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html", }, { name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016", tags: [ "vendor-advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us", }, { url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "FEDORA-2016-1411324654", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html", }, { name: "openSUSE-SU-2016:1240", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", }, { url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862", }, { name: "openSUSE-SU-2016:1566", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html", }, { name: "APPLE-SA-2016-07-18-1", tags: [ "vendor-advisory", ], url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", }, { url: "https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/", }, { url: "https://www.tenable.com/security/tns-2016-18", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", }, { name: "SUSE-SU-2016:1233", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", }, { url: "http://source.android.com/security/bulletin/2016-07-01.html", }, { url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804", }, { name: "openSUSE-SU-2016:1237", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202", }, { name: "RHSA-2016:0996", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { url: "https://security.netapp.com/advisory/ntap-20160504-0001/", }, { name: "91787", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/91787", }, { name: "89760", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/89760", }, { name: "RHSA-2016:2957", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html", }, { name: "USN-2959-1", tags: [ "vendor-advisory", ], url: "http://www.ubuntu.com/usn/USN-2959-1", }, { url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { url: "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html", }, { name: "RHSA-2016:0722", tags: [ "vendor-advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html", }, { name: "FreeBSD-SA-16:17", tags: [ "vendor-advisory", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc", }, { url: "https://www.openssl.org/news/secadv/20160503.txt", }, { url: "https://support.apple.com/HT206903", }, { url: "https://bto.bluecoat.com/security-advisory/sa123", }, { name: "FEDORA-2016-05c567df1a", tags: [ "vendor-advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html", }, { name: "39768", tags: [ "exploit", ], url: "https://www.exploit-db.com/exploits/39768/", }, { url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2107", datePublished: "2016-05-05T00:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.633Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-4975 (GCVE-0-2014-4975)
Vulnerability from cvelistv5
Published
2014-11-15 20:00
Modified
2024-08-06 11:34
Severity ?
EPSS score ?
Summary
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:34:36.647Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140709 Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/07/09/13", }, { name: "RHSA-2014:1912", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1912.html", }, { name: "68474", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/68474", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2014:1913", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1913.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", }, { name: "DSA-3157", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3157", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0472.html", }, { name: "USN-2397-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2397-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.ruby-lang.org/issues/10019", }, { name: "MDVSA-2015:129", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:129", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", }, { name: "RHSA-2014:1914", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1914.html", }, { name: "ruby-cve20144975-bo(94706)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94706", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-09T00:00:00", descriptions: [ { lang: "en", value: "Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20140709 Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/07/09/13", }, { name: "RHSA-2014:1912", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1912.html", }, { name: "68474", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/68474", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2014:1913", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1913.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", }, { name: "DSA-3157", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3157", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0472.html", }, { name: "USN-2397-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2397-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.ruby-lang.org/issues/10019", }, { name: "MDVSA-2015:129", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:129", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", }, { name: "RHSA-2014:1914", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1914.html", }, { name: "ruby-cve20144975-bo(94706)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94706", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-4975", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20140709 Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/07/09/13", }, { name: "RHSA-2014:1912", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1912.html", }, { name: "68474", refsource: "BID", url: "http://www.securityfocus.com/bid/68474", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2014:1913", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1913.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1118158", }, { name: "DSA-3157", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3157", }, { name: "http://advisories.mageia.org/MGASA-2014-0472.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0472.html", }, { name: "USN-2397-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2397-1", }, { name: "https://bugs.ruby-lang.org/issues/10019", refsource: "CONFIRM", url: "https://bugs.ruby-lang.org/issues/10019", }, { name: "MDVSA-2015:129", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:129", }, { name: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", refsource: "CONFIRM", url: "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778", }, { name: "RHSA-2014:1914", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1914.html", }, { name: "ruby-cve20144975-bo(94706)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94706", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-4975", datePublished: "2014-11-15T20:00:00", dateReserved: "2014-07-15T00:00:00", dateUpdated: "2024-08-06T11:34:36.647Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3330 (GCVE-0-2015-3330)
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:47:57.725Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74204", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74204", }, { name: "1033703", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033703", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=69218", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68486", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "[oss-security] 20150417 Re: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2015/04/17/7", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-04-16T00:00:00", descriptions: [ { lang: "en", value: "The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a \"deconfigured interpreter.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-29T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:1187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74204", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74204", }, { name: "1033703", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033703", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=69218", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68486", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7", }, { name: "USN-2572-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "[oss-security] 20150417 Re: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2015/04/17/7", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-3330", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a \"deconfigured interpreter.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1187", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1187.html", }, { name: "RHSA-2015:1186", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1186.html", }, { name: "74204", refsource: "BID", url: "http://www.securityfocus.com/bid/74204", }, { name: "1033703", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033703", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "https://bugs.php.net/bug.php?id=69218", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=69218", }, { name: "https://bugs.php.net/bug.php?id=68486", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68486", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7", }, { name: "USN-2572-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2572-1", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT205031", }, { name: "openSUSE-SU-2015:0855", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html", }, { name: "[oss-security] 20150417 Re: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2015/04/17/7", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-3330", datePublished: "2015-06-09T18:00:00", dateReserved: "2015-04-17T00:00:00", dateUpdated: "2024-08-06T05:47:57.725Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8242 (GCVE-0-2015-8242)
Vulnerability from cvelistv5
Published
2015-12-15 21:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:13:31.676Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206168", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "77681", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/77681", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT206166", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-18T00:00:00", descriptions: [ { lang: "en", value: "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-13T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2015:2550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206167", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206168", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", }, { name: "APPLE-SA-2016-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://xmlsoft.org/news.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", }, { name: "RHSA-2016:1089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { name: "1034243", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", }, { name: "HPSBGN03537", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "77681", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/77681", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT206166", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8242", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:2550", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2550.html", }, { name: "APPLE-SA-2016-03-21-5", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", }, { name: "openSUSE-SU-2016:0106", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", }, { name: "[oss-security] 20151118 Buffer overflow in libxml2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/17/5", }, { name: "https://support.apple.com/HT206167", refsource: "CONFIRM", url: "https://support.apple.com/HT206167", }, { name: "https://support.apple.com/HT206168", refsource: "CONFIRM", url: "https://support.apple.com/HT206168", }, { name: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", refsource: "CONFIRM", url: "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", }, { name: "APPLE-SA-2016-03-21-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", }, { name: "http://xmlsoft.org/news.html", refsource: "CONFIRM", url: "http://xmlsoft.org/news.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", }, { name: "RHSA-2016:1089", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1089.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "APPLE-SA-2016-03-21-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", }, { name: "USN-2834-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2834-1", }, { name: "[oss-security] 20151118 Re: Buffer overflow in libxml2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/11/18/23", }, { name: "1034243", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034243", }, { name: "RHSA-2015:2549", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-2549.html", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=756372", }, { name: "HPSBGN03537", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=145382616617563&w=2", }, { name: "77681", refsource: "BID", url: "http://www.securityfocus.com/bid/77681", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "GLSA-201701-37", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-37", }, { name: "openSUSE-SU-2015:2372", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", }, { name: "APPLE-SA-2016-03-21-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", }, { name: "https://support.apple.com/HT206169", refsource: "CONFIRM", url: "https://support.apple.com/HT206169", }, { name: "https://support.apple.com/HT206166", refsource: "CONFIRM", url: "https://support.apple.com/HT206166", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8242", datePublished: "2015-12-15T21:00:00", dateReserved: "2015-11-18T00:00:00", dateUpdated: "2024-08-06T08:13:31.676Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-0248 (GCVE-0-2015-0248)
Vulnerability from cvelistv5
Published
2015-04-08 18:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.500Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1742", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "74260", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74260", }, { name: "1033214", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033214", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-31T00:00:00", descriptions: [ { lang: "en", value: "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-20T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1742", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "74260", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74260", }, { name: "1033214", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033214", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-0248", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1742", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "74260", refsource: "BID", url: "http://www.securityfocus.com/bid/74260", }, { name: "1033214", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033214", }, { name: "https://support.apple.com/HT205217", refsource: "CONFIRM", url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { name: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", refsource: "CONFIRM", url: "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", }, { name: "USN-2721-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-05", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0248", datePublished: "2015-04-08T18:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.500Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-0432 (GCVE-0-2015-0432)
Vulnerability from cvelistv5
Published
2015-01-21 19:00
Modified
2024-08-06 04:10
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:10:10.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:0118", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0118.html", }, { name: "DSA-3135", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3135", }, { name: "RHSA-2015:0116", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0116.html", }, { name: "USN-2480-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2480-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "RHSA-2015:1628", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "62732", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62732", }, { name: "RHSA-2015:0117", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0117.html", }, { name: "oracle-cpujan2015-cve20150432(100187)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/100187", }, { name: "1031581", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031581", }, { name: "GLSA-201504-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201504-05", }, { name: "62728", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62728", }, { name: "FEDORA-2015-1162", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html", }, { name: "62730", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62730", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "72217", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72217", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-01-17T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-07T15:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "RHSA-2015:0118", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0118.html", }, { name: "DSA-3135", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3135", }, { name: "RHSA-2015:0116", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0116.html", }, { name: "USN-2480-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2480-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2015:0743", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "RHSA-2015:1628", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "62732", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62732", }, { name: "RHSA-2015:0117", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0117.html", }, { name: "oracle-cpujan2015-cve20150432(100187)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/100187", }, { name: "1031581", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031581", }, { name: "GLSA-201504-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201504-05", }, { name: "62728", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62728", }, { name: "FEDORA-2015-1162", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html", }, { name: "62730", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62730", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "72217", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72217", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2015-0432", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:0118", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0118.html", }, { name: "DSA-3135", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3135", }, { name: "RHSA-2015:0116", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0116.html", }, { name: "USN-2480-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2480-1", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "SUSE-SU-2015:0743", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html", }, { name: "RHSA-2015:1628", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1628.html", }, { name: "62732", refsource: "SECUNIA", url: "http://secunia.com/advisories/62732", }, { name: "RHSA-2015:0117", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0117.html", }, { name: "oracle-cpujan2015-cve20150432(100187)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/100187", }, { name: "1031581", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031581", }, { name: "GLSA-201504-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201504-05", }, { name: "62728", refsource: "SECUNIA", url: "http://secunia.com/advisories/62728", }, { name: "FEDORA-2015-1162", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html", }, { name: "62730", refsource: "SECUNIA", url: "http://secunia.com/advisories/62730", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { name: "72217", refsource: "BID", url: "http://www.securityfocus.com/bid/72217", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2015-0432", datePublished: "2015-01-21T19:00:00", dateReserved: "2014-12-17T00:00:00", dateUpdated: "2024-08-06T04:10:10.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9674 (GCVE-0-2014-9674)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.116Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "DSA-3461", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3461", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=153", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "DSA-3461", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3461", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=153", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9674", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", }, { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "DSA-3461", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3461", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=153", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=153", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9674", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.116Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0764 (GCVE-0-2016-0764)
Vulnerability from cvelistv5
Published
2017-07-14 20:00
Modified
2024-08-05 22:30
Severity ?
EPSS score ?
Summary
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2581.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1324025 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:30:04.027Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:2581", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2581.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-04-05T00:00:00", descriptions: [ { lang: "en", value: "Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-14T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2016:2581", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2581.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-0764", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:2581", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2581.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1324025", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-0764", datePublished: "2017-07-14T20:00:00", dateReserved: "2015-12-16T00:00:00", dateUpdated: "2024-08-05T22:30:04.027Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-9667 (GCVE-0-2014-9667)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:55:04.576Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=166", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-12-06T00:00:00", descriptions: [ { lang: "en", value: "sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-06-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", }, { name: "DSA-3188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { tags: [ "x_refsource_MISC", ], url: "http://code.google.com/p/google-security-research/issues/detail?id=166", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-9667", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", refsource: "CONFIRM", url: "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", }, { name: "DSA-3188", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3188", }, { name: "GLSA-201503-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-05", }, { name: "72986", refsource: "BID", url: "http://www.securityfocus.com/bid/72986", }, { name: "USN-2739-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2739-1", }, { name: "openSUSE-SU-2015:0627", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html", }, { name: "http://advisories.mageia.org/MGASA-2015-0083.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2015-0083.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", }, { name: "RHSA-2015:0696", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0696.html", }, { name: "FEDORA-2015-2216", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html", }, { name: "MDVSA-2015:055", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055", }, { name: "USN-2510-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2510-1", }, { name: "FEDORA-2015-2237", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html", }, { name: "http://code.google.com/p/google-security-research/issues/detail?id=166", refsource: "MISC", url: "http://code.google.com/p/google-security-research/issues/detail?id=166", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-9667", datePublished: "2015-02-08T11:00:00", dateReserved: "2015-02-07T00:00:00", dateUpdated: "2024-08-06T13:55:04.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-6137 (GCVE-0-2012-6137)
Vulnerability from cvelistv5
Published
2013-05-21 18:00
Modified
2024-08-06 21:28
Severity ?
EPSS score ?
Summary
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/59674 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/93058 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id/1028520 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/53330 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/84020 | vdb-entry, x_refsource_XF | |
| https://bugzilla.redhat.com/show_bug.cgi?id=885130 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2013-0788.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:28:39.385Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59674", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/59674", }, { name: "93058", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/93058", }, { name: "1028520", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1028520", }, { name: "53330", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/53330", }, { name: "redhat-ssl-cve20126137-sec-bypass(84020)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84020", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=885130", }, { name: "RHSA-2013:0788", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0788.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-05-06T00:00:00", descriptions: [ { lang: "en", value: "rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "59674", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/59674", }, { name: "93058", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/93058", }, { name: "1028520", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1028520", }, { name: "53330", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/53330", }, { name: "redhat-ssl-cve20126137-sec-bypass(84020)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/84020", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=885130", }, { name: "RHSA-2013:0788", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0788.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-6137", datePublished: "2013-05-21T18:00:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T21:28:39.385Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-0598 (GCVE-0-2016-0598)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:22:55.837Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "81182", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/81182", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-19T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { name: "SUSE-SU-2016:1620", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "81182", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/81182", }, { name: "SUSE-SU-2016:1619", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2016-0598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2016:1620", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html", }, { name: "RHSA-2016:1481", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1481.html", }, { name: "openSUSE-SU-2016:0367", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html", }, { name: "RHSA-2016:1132", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2016:1132", }, { name: "DSA-3459", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3459", }, { name: "1034708", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1034708", }, { name: "RHSA-2016:0534", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0534.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "81182", refsource: "BID", url: "http://www.securityfocus.com/bid/81182", }, { name: "SUSE-SU-2016:1619", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "RHSA-2016:1480", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1480.html", }, { name: "openSUSE-SU-2016:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "https://mariadb.com/kb/en/mdb-10023-rn/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mdb-10023-rn/", }, { name: "USN-2881-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2881-1", }, { name: "openSUSE-SU-2016:0377", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html", }, { name: "DSA-3453", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3453", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", }, { name: "openSUSE-SU-2016:1686", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html", }, { name: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", refsource: "CONFIRM", url: "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", }, { name: "RHSA-2016:0705", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0705.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2016-0598", datePublished: "2016-01-21T02:00:00", dateReserved: "2015-12-09T00:00:00", dateUpdated: "2024-08-05T22:22:55.837Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-0251 (GCVE-0-2015-0251)
Vulnerability from cvelistv5
Published
2015-04-08 18:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.727Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1742", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "20150611 Apache vulnerability program faulting module ntdll.dll", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/Jun/32", }, { name: "74259", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74259", }, { name: "1033214", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033214", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-31T00:00:00", descriptions: [ { lang: "en", value: "The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-20T09:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1742", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "20150611 Apache vulnerability program faulting module ntdll.dll", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/Jun/32", }, { name: "74259", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74259", }, { name: "1033214", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033214", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", }, { name: "USN-2721-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-0251", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2015:1742", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1742.html", }, { name: "DSA-3231", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3231", }, { name: "RHSA-2015:1633", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1633.html", }, { name: "20150611 Apache vulnerability program faulting module ntdll.dll", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/Jun/32", }, { name: "74259", refsource: "BID", url: "http://www.securityfocus.com/bid/74259", }, { name: "1033214", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033214", }, { name: "https://support.apple.com/HT205217", refsource: "CONFIRM", url: "https://support.apple.com/HT205217", }, { name: "MDVSA-2015:192", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192", }, { name: "APPLE-SA-2015-09-16-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", }, { name: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", refsource: "CONFIRM", url: "http://subversion.apache.org/security/CVE-2015-0251-advisory.txt", }, { name: "USN-2721-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2721-1", }, { name: "openSUSE-SU-2015:0672", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html", }, { name: "GLSA-201610-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-05", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0251", datePublished: "2015-04-08T18:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.727Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3718 (GCVE-0-2016-3718)
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2025-02-07 13:27
Severity ?
EPSS score ?
Summary
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:03:34.460Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2016-3718", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:27:43.837440Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-3718", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:27:56.489Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-03T00:00:00.000Z", descriptions: [ { lang: "en", value: "The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", }, { name: "openSUSE-SU-2016:1266", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", }, { name: "openSUSE-SU-2016:1326", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", }, { name: "USN-2990-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2990-1", }, { name: "openSUSE-SU-2016:1261", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", }, { name: "20160513 May 2016 - HipChat Server - Critical Security Advisory", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/538378/100/0/threaded", }, { name: "39767", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39767/", }, { name: "SUSE-SU-2016:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", }, { name: "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/03/18", }, { name: "GLSA-201611-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201611-21", }, { name: "SUSE-SU-2016:1275", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", }, { name: "SSA:2016-132-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.imagemagick.org/script/changelog.php", }, { name: "DSA-3580", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3580", }, { name: "RHSA-2016:0726", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0726.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-3718", datePublished: "2016-05-05T18:00:00.000Z", dateReserved: "2016-03-30T00:00:00.000Z", dateUpdated: "2025-02-07T13:27:56.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-9634 (GCVE-0-2016-9634)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-08-06 02:59
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2016/dsa-3724 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0019.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2975.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2016/dsa-3723 | vendor-advisory, x_refsource_DEBIAN | |
| http://rhn.redhat.com/errata/RHSA-2017-0020.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/94499 | vdb-entry, x_refsource_BID | |
| https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/11/24/2 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.gnome.org/show_bug.cgi?id=774834 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201705-10 | vendor-advisory, x_refsource_GENTOO | |
| https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:59:03.063Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-23T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3724", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94499", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201705-10", }, { tags: [ "x_refsource_MISC", ], url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9634", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3724", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3724", }, { name: "RHSA-2017:0019", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0019.html", }, { name: "RHSA-2016:2975", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2975.html", }, { name: "DSA-3723", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3723", }, { name: "RHSA-2017:0020", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0020.html", }, { name: "94499", refsource: "BID", url: "http://www.securityfocus.com/bid/94499", }, { name: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", refsource: "CONFIRM", url: "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", }, { name: "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/11/24/2", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=774834", }, { name: "GLSA-201705-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201705-10", }, { name: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", refsource: "MISC", url: "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9634", datePublished: "2017-01-27T22:01:00", dateReserved: "2016-11-23T00:00:00", dateUpdated: "2024-08-06T02:59:03.063Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3276 (GCVE-0-2015-3276)
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-2131.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1238322 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1034221 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.077Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:2131", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { name: "1034221", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1034221", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-11-19T00:00:00", descriptions: [ { lang: "en", value: "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-10-12T16:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:2131", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2131.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1238322", }, { name: "1034221", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1034221", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3276", datePublished: "2015-12-07T20:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:32.077Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-5325 (GCVE-0-2010-5325)
Vulnerability from cvelistv5
Published
2016-04-15 14:00
Modified
2024-08-07 04:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1218297 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | x_refsource_CONFIRM | |
| http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog | x_refsource_CONFIRM | |
| https://bugs.linuxfoundation.org/show_bug.cgi?id=515 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2016-0491.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2016/02/15/1 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2016/02/15/7 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:17:10.191Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", }, { name: "RHSA-2016:0491", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/1", }, { name: "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-08-27T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-09-30T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", }, { name: "RHSA-2016:0491", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/1", }, { name: "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/02/15/7", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-5325", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1218297", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", }, { name: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", refsource: "CONFIRM", url: "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog", }, { name: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", refsource: "CONFIRM", url: "https://bugs.linuxfoundation.org/show_bug.cgi?id=515", }, { name: "RHSA-2016:0491", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0491.html", }, { name: "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/02/15/1", }, { name: "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/02/15/7", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-5325", datePublished: "2016-04-15T14:00:00", dateReserved: "2016-02-15T00:00:00", dateUpdated: "2024-08-07T04:17:10.191Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4302 (GCVE-0-2016-4302)
Vulnerability from cvelistv5
Published
2016-09-21 14:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-1844.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | x_refsource_CONFIRM | |
| http://blog.talosintel.com/2016/06/the-poisoned-archives.html | x_refsource_MISC | |
| http://www.talosintel.com/reports/TALOS-2016-0154/ | x_refsource_MISC | |
| https://github.com/libarchive/libarchive/issues/719 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91331 | vdb-entry, x_refsource_BID | |
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201701-03 | vendor-advisory, x_refsource_GENTOO | |
| http://www.debian.org/security/2016/dsa-3657 | vendor-advisory, x_refsource_DEBIAN | |
| https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:25:14.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.talosintel.com/reports/TALOS-2016-0154/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/issues/719", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "91331", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91331", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-06-19T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-03T18:57:01", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "RHSA-2016:1844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.talosintel.com/reports/TALOS-2016-0154/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/issues/719", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "91331", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91331", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", }, { name: "GLSA-201701-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3657", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2016-4302", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2016:1844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-1844.html", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", }, { name: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", refsource: "MISC", url: "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", }, { name: "http://www.talosintel.com/reports/TALOS-2016-0154/", refsource: "MISC", url: "http://www.talosintel.com/reports/TALOS-2016-0154/", }, { name: "https://github.com/libarchive/libarchive/issues/719", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/issues/719", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", }, { name: "91331", refsource: "BID", url: "http://www.securityfocus.com/bid/91331", }, { name: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", refsource: "CONFIRM", url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", }, { name: "GLSA-201701-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201701-03", }, { name: "DSA-3657", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3657", }, { name: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", refsource: "CONFIRM", url: "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2016-4302", datePublished: "2016-09-21T14:00:00", dateReserved: "2016-04-27T00:00:00", dateUpdated: "2024-08-06T00:25:14.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-2301 (GCVE-0-2015-2301)
Vulnerability from cvelistv5
Published
2015-03-30 10:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:10:16.232Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-3198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3198", }, { name: "USN-2535-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2535-1", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "openSUSE-SU-2015:0644", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "1031949", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031949", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "MDVSA-2015:079", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", }, { name: "SSRT102066", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=68901", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b", }, { name: "73037", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73037", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "HPSBUX03337", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2015/03/15/6", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-01-24T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-3198", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3198", }, { name: "USN-2535-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2535-1", }, { name: "HPSBMU03409", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "openSUSE-SU-2015:0644", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "1031949", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031949", }, { name: "HPSBMU03380", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "MDVSA-2015:079", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", }, { name: "SSRT102066", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=68901", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b2cf3f064b8f5efef89bb084521b61318c71781b", }, { name: "73037", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73037", }, { name: "RHSA-2015:1135", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "HPSBUX03337", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2015/03/15/6", }, { name: "GLSA-201606-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2301", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-3198", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3198", }, { name: "USN-2535-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2535-1", }, { name: "HPSBMU03409", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2", }, { name: "openSUSE-SU-2015:0644", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "1031949", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031949", }, { name: "HPSBMU03380", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143748090628601&w=2", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "MDVSA-2015:079", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1194747", }, { name: "SSRT102066", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "http://php.net/ChangeLog-5.php", refsource: "CONFIRM", url: "http://php.net/ChangeLog-5.php", }, { name: "SUSE-SU-2015:0868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "https://bugs.php.net/bug.php?id=68901", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=68901", }, { name: "http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b", refsource: "CONFIRM", url: "http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b", }, { name: "73037", refsource: "BID", url: "http://www.securityfocus.com/bid/73037", }, { name: "RHSA-2015:1135", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1135.html", }, { name: "RHSA-2015:1053", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1053.html", }, { name: "HPSBUX03337", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143403519711434&w=2", }, { name: "[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2015/03/15/6", }, { name: "GLSA-201606-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-10", }, { name: "RHSA-2015:1066", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1066.html", }, { name: "RHSA-2015:1218", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-1218.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2301", datePublished: "2015-03-30T10:00:00", dateReserved: "2015-03-15T00:00:00", dateUpdated: "2024-08-06T05:10:16.232Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6489 (GCVE-0-2016-6489)
Vulnerability from cvelistv5
Published
2017-04-14 18:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/07/29/7 | mailing-list, x_refsource_MLIST | |
| http://www.ubuntu.com/usn/USN-3193-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201706-21 | vendor-advisory, x_refsource_GENTOO | |
| https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1362016 | x_refsource_CONFIRM | |
| https://eprint.iacr.org/2016/596.pdf | x_refsource_MISC | |
| http://rhn.redhat.com/errata/RHSA-2016-2582.html | vendor-advisory, x_refsource_REDHAT | |
| https://www.oracle.com/security-alerts/cpuapr2020.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:29:20.252Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/07/29/7", }, { name: "USN-3193-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3193-1", }, { name: "GLSA-201706-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201706-21", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://eprint.iacr.org/2016/596.pdf", }, { name: "RHSA-2016:2582", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2582.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-29T00:00:00", descriptions: [ { lang: "en", value: "The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T21:06:40", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/07/29/7", }, { name: "USN-3193-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3193-1", }, { name: "GLSA-201706-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201706-21", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", }, { tags: [ "x_refsource_MISC", ], url: "https://eprint.iacr.org/2016/596.pdf", }, { name: "RHSA-2016:2582", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2582.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2016-6489", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/07/29/7", }, { name: "USN-3193-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3193-1", }, { name: "GLSA-201706-21", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201706-21", }, { name: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", refsource: "CONFIRM", url: "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362016", }, { name: "https://eprint.iacr.org/2016/596.pdf", refsource: "MISC", url: "https://eprint.iacr.org/2016/596.pdf", }, { name: "RHSA-2016:2582", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-2582.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2016-6489", datePublished: "2017-04-14T18:00:00", dateReserved: "2016-07-28T00:00:00", dateUpdated: "2024-08-06T01:29:20.252Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }