Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2013-2207 Back to search

Ubuntu: (Multiple Advisories) (CVE-2013-2207): GNU C Library regression Vulnerability

  • Severity: 3
  • Published: October 09, 2013

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

SUSE Linux Security Vulnerability: CVE-2013-2207 Vulnerability

  • Severity: 3
  • Published: October 09, 2013

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Gentoo Linux: CVE-2013-2207: GNU C Library: Multiple vulnerabilities Vulnerability

  • Severity: 3
  • Published: October 09, 2013

pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.

Alpine Linux: CVE-2013-1961: Multiple security issues in libtiff Vulnerability

  • Severity: 9
  • Published: July 03, 2013

Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.

Alpine Linux: CVE-2013-1960: Multiple security issues in libtiff Vulnerability

  • Severity: 9
  • Published: July 03, 2013

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

Sun Patch: SunOS 5.10_x86: Oracle Java Web Console 3.1 Patch Vulnerability

  • Severity: 8
  • Published: February 06, 2012

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Sun Patch: SunOS 5.10: Oracle Java Web Console 3.1 Patch Vulnerability

  • Severity: 8
  • Published: February 06, 2012

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Sun Patch: SunOS 5.9_x86: tomcat security patch Vulnerability

  • Severity: 8
  • Published: July 13, 2010

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Sun Patch: SunOS 5.9: tomcat security patch Vulnerability

  • Severity: 8
  • Published: July 13, 2010

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Sun Patch: Application Server Enterprise Edition 8.2, _x86, Patch18 : SVR Vulnerability

  • Severity: 6
  • Published: November 26, 2007

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does...