1000 matches found
USN-2872-2 linux-lts-wily vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
USN-2871-2 linux-lts-vivid vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
USN-2873-1 linux-lts-utopic vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
USN-2870-1 linux vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)
ISC reports : Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193. Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. RT40945 Insufficient testing when...
cups: incorrect string reference counting (VU#810572)
A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker could submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded, which in turn allowed...
USN-2629-1 cups vulnerabilities
It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code. CVE-2015-1158 It was discovered that the CUPS templating...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
Debian DLA-203-1 : openldap security update
Multiple vulnerabilities were found in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. Please carefully check whether you are affected by CVE-2014-9713: if you are, you will need to manually upgrade your configuration! See below for more details on this. Just upgradi...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...
CVE-2014-8967
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
CVE-2014-8967
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
(0Day) Microsoft Internet Explorer display:run-in Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
CentOS 6 : kernel (CESA-2014:1392)
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. Red Hat Product Security has rated this...
kernel: futex: refcount issue in case of requeue
A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futexwait. A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RHEL 6 : kernel (RHSA-2014:1392)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1392 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way t...