Lucene search
K

94 matches found

Tenable Nessus
Tenable Nessus
added 2017/06/20 12:0 a.m.31 views

Debian DSA-3889-1 : libffi - security update (Stack Clash)

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...

7CVSS7.3AI score0.00503EPSS
Exploits0References6
NVD
NVD
added 2017/06/19 4:29 p.m.15 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS7.1AI score0.00503EPSS
Exploits0References4
Prion
Prion
added 2017/06/19 4:29 p.m.19 views

Code injection

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

6.9CVSS7.1AI score0.00503EPSS
Exploits0References4Affected Software5
OSV
OSV
added 2017/06/19 4:29 p.m.2 views

DEBIAN-CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS9.3AI score0.00503EPSS
Exploits0References1
OSV
OSV
added 2017/06/19 4:29 p.m.19 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS7.1AI score0.00503EPSS
Exploits0References4
Debian
Debian
added 2017/06/19 4:24 p.m.27 views

[SECURITY] [DSA 3889-1] libffi security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3889-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez June 19, 2017 https://www.debian.org/security/faq -...

7CVSS6.9AI score0.00503EPSS
Exploits0
Debian CVE
Debian CVE
added 2017/06/19 4:0 p.m.17 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS7.4AI score0.00503EPSS
Exploits0
CVE
CVE
added 2017/06/19 4:0 p.m.218 views

CVE-2017-1000376

CVE-2017-1000376 affects libffi. The vulnerability enables an executable stack that can be exploited to trigger arbitrary code execution on 32-bit x86 systems prior to libffi 3.1; upstream is believed to have fixed the issue in version 3.1. Other references indicate that libffi 3.1.x mitigates th...

7CVSS7.2AI score0.00503EPSS
Exploits0References4Affected Software3
Cvelist
Cvelist
added 2017/06/19 4:0 p.m.36 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7.3AI score0.00503EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/06/19 12:0 a.m.28 views

Debian Security Advisory DSA 3889-1 (libffi - security update)

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...

6.9CVSS0.4AI score0.00503EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/06/19 12:0 a.m.4 views

PT-2017-3250 · Gnu +1 · Libffi +1

Name of the Vulnerable Software and Affected Versions: libffi versions prior to 3.1 Description: The issue is caused by libffi requesting an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. This is due to a buffer overflow operation in...

7CVSS7.4AI score0.00503EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2017/06/19 12:0 a.m.18 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS7.6AI score0.00503EPSS
Exploits0References5
OSV
OSV
added 2017/06/19 12:0 a.m.1 views

UBUNTU-CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

7CVSS7.6AI score0.00503EPSS
Exploits0References6
OSV
OSV
added 2017/06/19 12:0 a.m.19 views

DSA-3889-1 libffi - security update

Bulletin has no description...

7CVSS6.9AI score0.00503EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/06/18 12:0 a.m.21 views

Debian: Security Advisory (DSA-3889-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.1AI score0.00503EPSS
Exploits0References4
OSV
OSV
added 2017/02/03 5:46 p.m.4 views

SUSE-SU-2017:0379-1 Security update for gcc48

This update for gcc48 to version 4.8.5 fixes several issues. This security issue was fixed: - CVE-2015-5276: The std::randomdevice class in libstdc++ did not properly handle short reads from blocking sources, which made it easier for context-dependent attackers to predict the random values via...

5CVSS8.6AI score0.02941EPSS
Exploits0References24
Symantec
Symantec
added 2016/07/16 12:0 a.m.25 views

libffi CVE-2017-1000376 Arbitrary Code Execution Vulnerability

Description libffi is prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Libffi Project libffi Oracle PeopleSoft PeopleTools 8.56 Oracle PeopleSoft...

6.9CVSS3.1AI score0.00503EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The multiple vulnerabilities in the libffi3 package of the Debian GNU/Linux operating system may lead to a violation of the integrity of protected information. These vulnerabilities can be exploited remotely...

2.6CVSS5.4AI score0.03827EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The libffi3-dev package for the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to damage to the integrity of protected information. These vulnerabilities can be exploited remotely...

2.6CVSS5.5AI score0.03827EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/18 12:0 a.m.34 views

openSUSE Security Update : gcc5 (openSUSE-2016-472)

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...

5CVSS7.4AI score0.02941EPSS
Exploits0References11
Rows per page
Query Builder