Computer Security
[EN] securityvulns.ru no-pyccku


mime-support shell characters injection
Published:30.12.2014
Source:
SecurityVulns ID:14187
Type:library
Threat Level:
6/10
Description:run-mailcap special shell characters injection.
Affected:MIMESUPPORT : mime-support 3.52
CVE:CVE-2014-7209 (run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3114-1] mime-support security update (30.12.2014)

PolarSSL DoS
Published:30.12.2014
Source:
SecurityVulns ID:14188
Type:library
Threat Level:
5/10
Description:Memory leak on certificate parsing.
CVE:CVE-2014-8628 (Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted X.509 certificates. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2014-9744 for the ClientHello message issue.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3116-1] polarssl security update (30.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod