Vulnerability & Exploit Database

Displaying entries 1 - 10 of 11 in total

Results for: CVE-2017-2475 Back to search

SUSE: CVE-2017-1000112: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: August 11, 2017

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths excee...

SUSE: CVE-2017-9242: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 26, 2017

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

SUSE: CVE-2017-7645: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: April 18, 2017

The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

Ubuntu: USN-3257-1 (CVE-2017-2475): WebKitGTK+ vulnerabilities Vulnerability

  • Severity: 4
  • Published: April 01, 2017

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

Oracle Solaris 11: CVE-2017-2475 (11.4 GA) Vulnerability

  • Severity: 4
  • Published: April 01, 2017

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

Gentoo Linux: CVE-2017-2475: WebKitGTK+: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: April 01, 2017

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

Alpine Linux: CVE-2017-2475: webkit2gtk Several vulnerabilities Vulnerability

  • Severity: 4
  • Published: April 01, 2017

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

Apple Safari security update for CVE-2017-2475 Vulnerability

  • Severity: 4
  • Published: March 28, 2017

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

Red Hat: CVE-2016-7796: Moderate: systemd security update (RHSA-2017:0003) Vulnerability

  • Severity: 5
  • Published: October 13, 2016

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

Debian: CVE-2016-7796: systemd - security update Vulnerability

  • Severity: 5
  • Published: October 13, 2016

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.