Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2013-3232 Back to search

SUSE Linux Security Advisory: SUSE-SU-2014:1100-1 Vulnerability

  • Severity: 10
  • Published: September 03, 2014

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incor...

USN-1883-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 07, 2013

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not prope...

USN-1882-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 07, 2013

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not prope...

USN-1879-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 8
  • Published: June 07, 2013

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not prope...

USN-1849-1: Linux kernel (Raring HWE) vulnerability Vulnerability

  • Severity: 8
  • Published: June 07, 2013

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not prope...

USN-1881-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: May 03, 2013

The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

USN-1880-1: Linux kernel (Quantal HWE) vulnerabilities Vulnerability

  • Severity: 7
  • Published: May 03, 2013

The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

USN-1878-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 5
  • Published: April 22, 2013

net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

USN-1837-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 5
  • Published: April 22, 2013

net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

SUSE Linux Security Vulnerability: CVE-2013-3232 Vulnerability

  • Severity: 5
  • Published: April 22, 2013

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.