Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:vmware:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-1097 |
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. Published: May 17, 2012; 7:00:37 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2012-1090 |
The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. Published: May 17, 2012; 7:00:37 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2012-0879 |
The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context. Published: May 17, 2012; 7:00:36 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2011-3026 |
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Published: February 16, 2012; 3:55:04 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-0449 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. Published: February 01, 2012; 11:55:01 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-0444 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. Published: February 01, 2012; 11:55:01 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-0442 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: February 01, 2012; 11:55:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-3659 |
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Published: February 01, 2012; 11:55:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-4517 |
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file. Published: December 14, 2011; 10:57:34 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2011-4516 |
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file. Published: December 14, 2011; 10:57:34 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2011-3439 |
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. Published: November 11, 2011; 1:55:01 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-3171 |
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. Published: November 04, 2011; 5:55:02 PM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2011-3192 |
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Published: August 29, 2011; 11:55:02 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2011-1083 |
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. Published: April 04, 2011; 8:27:57 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2011-0762 |
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. Published: March 02, 2011; 3:00:01 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-4160 |
Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call. Published: January 07, 2011; 7:00:48 AM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-4164 |
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873. Published: January 03, 2011; 3:00:42 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-4163 |
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. Published: January 03, 2011; 3:00:42 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2010-4162 |
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. Published: January 03, 2011; 3:00:42 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2010-4258 |
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. Published: December 30, 2010; 2:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.2 MEDIUM |