Vulnerability & Exploit Database

Displaying entries 1 - 10 of 30 in total

Results for: CVE-2011-1141 Back to search

Cent OS: CVE-2011-1182: CESA-2011:0927 (kernel) Vulnerability

  • Severity: 4
  • Published: March 01, 2013

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.

DSA-2519-2 isc-dhcp -- several vulnerabilities Vulnerability

  • Severity: 6
  • Published: July 25, 2012

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

USN-1141-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 21, 2012

The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (...

Cent OS: CVE-2011-1160: CESA-2011:1386 (kernel) Vulnerability

  • Severity: 2
  • Published: June 21, 2012

The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.

Cent OS: CVE-2011-1080: CESA-2011:0833 (kernel) Vulnerability

  • Severity: 2
  • Published: June 21, 2012

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a ...

Cent OS: CVE-2011-1079: CESA-2011:0833 (kernel) Vulnerability

  • Severity: 5
  • Published: June 21, 2012

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.<...

Cent OS: CVE-2011-1078: CESA-2012:1156 (kernel) Vulnerability

  • Severity: 2
  • Published: June 21, 2012

The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.

Cent OS: CVE-2011-4611: CESA-2012:0350 (kernel) Vulnerability

  • Severity: 5
  • Published: May 17, 2012

Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 10
  • Published: April 25, 2012

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

Cent OS: CVE-2011-1573: CESA-2011:0927 (kernel) Vulnerability

  • Severity: 5
  • Published: February 01, 2012

net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.