Vulnerability & Exploit Database

Displaying entries 1 - 10 of 11 in total

Results for: CVE-2014-1539 Back to search

SUSE: CVE-2016-4470: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: June 27, 2016

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

Red Hat: CVE-2016-4470: Important: kernel security update ((Multiple Advisories)) Vulnerability

  • Severity: 5
  • Published: June 27, 2016

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

F5 Networks: K55672042 (CVE-2016-4470): Linux kernel vulnerability CVE-2016-4470 Vulnerability

  • Severity: 5
  • Published: June 27, 2016

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

CentOS: (CVE-2016-4470) (Multiple Advisories): kernel Vulnerability

  • Severity: 5
  • Published: June 27, 2016

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

Amazon Linux AMI: CVE-2016-4470: Security patch for kernel (ALAS-2016-726) Vulnerability

  • Severity: 5
  • Published: June 27, 2016

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

SUSE Linux Security Advisory: SUSE-SU-2014:1100-1 Vulnerability

  • Severity: 10
  • Published: September 03, 2014

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incor...

SUSE: CVE-2014-1539: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: June 11, 2014

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.

Oracle Solaris 11: CVE-2014-1539: Vulnerability in Firefox Vulnerability

  • Severity: 5
  • Published: June 11, 2014

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.