5 matches found
CVE-2018-5891
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipcdataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in...
CVE-2018-5891
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipcdataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in...
CVE-2013-4173
Directory traversal vulnerability in the trend-data daemon xymondrrd in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. dot dot in the host name in a "drophost" command...
CVE-2013-4173
CVE-2013-4173 describes a directory traversal in the trend-data daemon (xymond_rrd) of Xymon 4.x prior to 4.3.12. An attacker can remotely delete arbitrary files by injecting a ".." in the host name within a drophost command, leveraging the daemon’s handling of host names. The issue is limited to...
CVE-2013-4173
Directory traversal vulnerability in the trend-data daemon xymondrrd in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. dot dot in the host name in a "drophost" command...