| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-3509 |
189 |
|
DoS Overflow |
2012-09-05 |
2012-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. |
|
2 |
CVE-2012-3480 |
189 |
|
DoS Exec Code Overflow |
2012-08-25 |
2013-03-22 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. |
|
3 |
CVE-2012-3479 |
|
|
Exec Code |
2012-08-25 |
2013-04-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file. |
|
4 |
CVE-2012-3410 |
119 |
|
Overflow Bypass |
2012-08-27 |
2013-04-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix. |
|
5 |
CVE-2012-3386 |
264 |
|
Exec Code |
2012-08-07 |
2013-04-04 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. |
|
6 |
CVE-2012-3236 |
119 |
1
|
DoS Overflow |
2012-07-12 |
2012-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string. |
|
7 |
CVE-2012-1663 |
399 |
|
DoS |
2012-03-13 |
2012-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list. |
|
8 |
CVE-2012-1573 |
310 |
|
DoS Mem. Corr. |
2012-03-26 |
2013-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. |
|
9 |
CVE-2012-1569 |
189 |
|
DoS Mem. Corr. |
2012-03-26 |
2013-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. |
|
10 |
CVE-2012-1175 |
189 |
|
DoS Exec Code Overflow |
2012-08-26 |
2012-08-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow. |
|
11 |
CVE-2012-0390 |
310 |
|
Exec Code |
2012-01-05 |
2012-01-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108. |
|
12 |
CVE-2012-0035 |
|
|
+Priv |
2012-01-19 |
2013-04-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file. |
|
13 |
CVE-2011-4328 |
264 |
|
+Info |
2012-06-15 |
2012-06-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (word readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information. |
