Lucene search
K

82 matches found

F5 Networks
F5 Networks
added 2016/02/04 12:0 a.m.24 views

SOL16015326 - libtar vulnerability CVE-2013-4397

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.8CVSS3.2AI score0.05485EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.18 views

Oracle: Security Advisory (ELSA-2013-1418)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.05485EPSS
Exploits1References2
NVD
NVD
added 2015/06/15 2:59 p.m.14 views

CVE-2015-4397

Cross-site request forgery CSRF vulnerability in the Node Template module for Drupal allows remote attackers to hijack the authentication of users with the "access node template" permission for requests that delete node templates via unspecified vectors...

6.8CVSS7.1AI score0.00581EPSS
Exploits0References2
CVE
CVE
added 2015/06/15 2:0 p.m.43 views

CVE-2015-4397

CVE-2015-4397 describes a Cross-Site Request Forgery (CSRF) in the Drupal Node Template module. The vulnerability allows an attacker to hijack the authentication of users who have the access node template permission to delete node templates, via requests triggered from the user's browser (vectors...

6.8CVSS7.3AI score0.00581EPSS
Exploits0References2Affected Software1
Drupal
Drupal
added 2015/04/22 12:0 a.m.18 views

Node Template - Moderately Critical - Cross Site Request Forgery (CSRF) - Unsupported - SA-CONTRIB-2015-099

Node Template module enables you to define any node as a node template and it can be duplicated later. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause a user with "access node template" permission to delete node templates by getting their browser to make...

6.8CVSS6.3AI score0.00581EPSS
Exploits0References8
CVE
CVE
added 2014/09/19 10:0 a.m.61 views

CVE-2014-4401

The CVE concerns Apple OS X prior to 10.9.5 and the Intel Graphics Driver subsystem. It describes an unspecified integrated graphics driver routine that does not properly validate calls, allowing arbitrary code execution in a privileged context via a crafted application. The impact is a local cod...

6.9CVSS7.2AI score0.00435EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/09/19 10:0 a.m.60 views

CVE-2014-4397

Technical details (affected component, root cause, vulnerable versions, exploitability, or fixes) are not publicly available in the provided documents. Monitor for updates.

6.9CVSS7.2AI score0.00492EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow

No description provided by source. $Id: caarcserve342.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/12/30 12:0 a.m.57 views

[SECURITY] [DSA 2817-1] libtar security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2817-1 [email protected] http://www.debian.org/security/ Luciano Bello December 14, 2013 http://www.debian.org/security/faq -...

6.8CVSS2.1AI score0.05485EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/12/16 12:0 a.m.34 views

Debian DSA-2817-1 : libtar - Integer overflow

Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.8CVSS8.7AI score0.05485EPSS
Exploits1References5
Debian
Debian
added 2013/12/14 12:24 p.m.25 views

[SECURITY] [DSA 2817-1] libtar security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2817-1 [email protected] http://www.debian.org/security/ Luciano Bello December 14, 2013 http://www.debian.org/security/faq -...

6.8CVSS6.4AI score0.05485EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/12/14 12:0 a.m.22 views

Debian Security Advisory DSA 2817-1 (libtar - Integer overflow)

Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2817.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2817-1 using...

6.8CVSS0.8AI score0.05485EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/11/11 12:0 a.m.32 views

Fedora 20 : libtar-1.2.11-27.fc20 (2013-18877)

fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

6.8CVSS8.4AI score0.05485EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/10/21 12:0 a.m.24 views

Fedora 19 : libtar-1.2.11-26.fc19 (2013-18808)

fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

6.8CVSS8.4AI score0.05485EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/10/20 12:0 a.m.20 views

Fedora 18 : libtar-1.2.11-25.fc18 (2013-18785)

fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

6.8CVSS8.4AI score0.05485EPSS
Exploits1References3
OSV
OSV
added 2013/10/17 11:55 p.m.8 views

CVE-2013-4397

Multiple integer overflows in the thread function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 name or 2 link in an archive, which triggers a heap-based buffer overflow...

7.7AI score
Exploits0References13
CVE
CVE
added 2013/10/17 11:0 p.m.86 views

CVE-2013-4397

Concretely, CVE-2013-4397 affects the libtar library (libtar) prior to 1.2.20. The vulnerability arises from integer overflows in the th_read() function in lib/block.c, enabling a heap-based buffer overflow when processing long names or links in tar archives. Exploitation could result in remote d...

6.8CVSS7.7AI score0.05485EPSS
Exploits1References12Affected Software1
Mageia
Mageia
added 2013/10/17 7:37 p.m.30 views

Updated libtar packages fixes security vulnerability

Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code CVE-2013-4397...

6.8CVSS4AI score0.05485EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/10/15 12:0 a.m.21 views

CentOS Update for libtar CESA-2013:1418 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS8.5AI score0.05485EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/10/11 12:0 a.m.26 views

RHEL 6 : libtar (RHSA-2013:1418)

An updated libtar package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.8CVSS8.3AI score0.05485EPSS
Exploits1References3
Rows per page
Query Builder