Search Results (Refine Search)
- CPE Product Version: cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-5144 |
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." Published: December 12, 2012; 6:38:44 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-5688 |
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. Published: December 06, 2012; 6:45:48 AM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-3955 |
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. Published: September 14, 2012; 6:33:21 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2012-3509 |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. Published: September 05, 2012; 7:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-3425 |
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. Published: August 13, 2012; 4:55:09 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-3867 |
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences. Published: August 06, 2012; 12:55:06 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-3954 |
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. Published: July 25, 2012; 6:42:35 AM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2012-3571 |
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. Published: July 25, 2012; 6:42:35 AM -0400 |
V3.x:(not available) V2.0: 6.1 MEDIUM |
CVE-2009-4135 |
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. Published: December 11, 2009; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |