77 matches found
CVE-2015-3237
The CVE-2015-3237 issue affects curl/libcurl 7.40.0–7.42.1. In the smb_request_state() handler, two length and offset values parsed from network data are used without proper boundary checks, enabling a remote SMB server to read memory contents or trigger a crash. Impacts include information discl...
curl: information leakage
CVE-2015-3236 lingering HTTP credentials in connection re-use: libcurl can wrongly send HTTP credentials when re-using connections. libcurl allows applications to set credentials for the upcoming transfer with HTTP Basic authentication, like with CURLOPTUSERPWD for example. Name and password...
KLA10618 Information disclosure vulnerability in cURL
Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability related to SMB can be exploited remotely via specially designed length and offset...
Security fix for the ALT Linux 8 package curl version 7.43.0-alt1
June 19, 2015 Anton Farygin 7.43.0-alt1 - new version, with fixes for CVE-2015-3236, CVE-2015-3237...
Medium: curl
Issue Overview: As discussed upstream http://curl.haxx.se/docs/adv20150617A.html, libcurl can wrongly send HTTP credentials when re-using connections. CVE-2015-3236 Also discussed upstream http://curl.haxx.se/docs/adv20150617B.html, libcurl can get tricked by a malicious SMB server to send off da...
Debian DSA-3237-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2014-8159 It was found that the Linux kernel's InfiniBand/RDMA subsystem did not properly sanitize input parameters while registering memory...
Debian Security Advisory DSA 3237-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2014-8159 It was found that the Linux kernel OpenVAS Vulnerability Test $Id: deb3237.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from...
CVE-2013-3237
The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
CVE-2013-3237
The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
BELL-CVE-2013-3237 CVE-2013-3237 does not affect BellSoft software
Bulletin has no description...
CVE-2013-3237
CVE-2013-3237 affects the Linux kernel’s vsock_stream_sendmsg in net/vmw_vsock/af_vsock.c, where a length variable is not initialized prior to use. This can allow local users to read sensitive data from kernel stack memory via crafted recvmsg/recvfrom syscalls. The issue is linked to the kernel v...
CVE-2013-3237
The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
APPLE-SA-2011-10-12-4 Safari 5.1.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-4 Safari 5.1.1 Safari 5.1.1 is now available and addresses the following: Safari Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, OS X Lion Server v10.7.2, Windows 7, Vista, XP SP2 or later Impact:...
CVE-2011-3237
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1...
CVE-2011-3237
CVE-2011-3237 affects WebKit as used by Apple iTunes before version 10.5. The vulnerability allows a man-in-the-middle attacker to execute arbitrary code or cause a denial of service (memory corruption and application crash) via iTunes Store browsing-related vectors. The connected Nessus entry no...
MS10-079 / MS10-080 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2293194 / 2293211) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Office that is affected by multiple remote code execution vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Word, Excel, or Lotus 1-2-3 file, these issues could be leveraged to execute...
VUPEN Security Research - Microsoft Office Excel Merge Cell Record Invalid Pointer Vulnerability (CVE-2010-3237)
VUPEN Security Research - Microsoft Office Excel Merge Cell Record Invalid Pointer Vulnerability CVE-2010-3237 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Excel is a powerful tool you can use to create and format spreadsheets, and analyze and sha...
CVE-2010-3237
CVE-2010-3237 is a vulnerability in Microsoft Excel (affecting Excel 2002 SP3 and Office for Mac 2004) where parsing of the Merge Cell record can be exploited to execute arbitrary code. The root cause is improper handling/validation of Merge Cell Records in Excel file formats, enabling remote cod...
Microsoft Excel Merge Cell Record Pointer (CVE-2010-3237) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Fedora 12 : horde-3.3.6-1.fc12 (2010-5520)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...