Vulnerability & Exploit Database

Displaying all 10 entries

Results for: CVE-2014-3532 Back to search

Alpine Linux: CVE-2014-8961: phpmyadmin multiple issues Vulnerability

  • Severity: 4
  • Published: November 29, 2014

Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.

Alpine Linux: CVE-2014-8958: phpmyadmin multiple issues Vulnerability

  • Severity: 4
  • Published: November 29, 2014

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a c...

Alpine Linux: CVE-2014-8959: phpmyadmin multiple issues Vulnerability

  • Severity: 7
  • Published: November 29, 2014

Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.

Alpine Linux: CVE-2014-8960: phpmyadmin multiple issues Vulnerability

  • Severity: 4
  • Published: November 29, 2014

Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.

Alpine Linux: CVE-2014-3532: dbus bugs in file descriptor passing Vulnerability

  • Severity: 2
  • Published: July 18, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.

SUSE: CVE-2014-3532: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: July 18, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.

Oracle Solaris 11: CVE-2014-3532: Vulnerability in DBus Vulnerability

  • Severity: 2
  • Published: July 18, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.

FreeBSD: dbus -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 2
  • Published: July 01, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.

DSA-2971-1 dbus -- security update Vulnerability

  • Severity: 2
  • Published: June 30, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.

USN-2275-1: DBus vulnerabilities Vulnerability

  • Severity: 2
  • Published: June 30, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.