Vulnerability & Exploit Database

Displaying entries 1 - 10 of 48 in total

Results for: CVE-2013-0216 Back to search

ELSA-2015-0696 Important: Oracle Linux freetype security update Vulnerability

  • Severity: 8
  • Published: February 08, 2015

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

MS13-094: Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514) Vulnerability

  • Severity: 5
  • Published: November 12, 2013

This security update resolves a publicly disclosed vulnerability in Microsoft Outlook. The vulnerability could allow information disclosure if a user opens or previews a specially crafted email message using an affected edition of Microsoft Outlook. An attacker who successfully exploited this vulnerability could ascertain system informat...

RHSA-2013:0747: kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.This update fixes the following security issues:Red Hat would like to thank the Xen project for reporting the CVE-2013-0216and CVE-2013-0231 issues.This update also fixes the following bugs:Users should upgrade to these updated packages, which contain bac...

ELSA-2013-0747-1 Moderate: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

ELSA-2013-0747 Moderate: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

USN-1774-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 7
  • Published: February 21, 2013

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

USN-1769-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: February 21, 2013

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

USN-1768-1: Linux kernel (Quantal HWE) vulnerabilities Vulnerability

  • Severity: 7
  • Published: February 21, 2013

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

USN-1767-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: February 21, 2013

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

USN-1760-1: Linux kernel (Oneiric backport) vulnerabilities Vulnerability

  • Severity: 7
  • Published: February 21, 2013

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.