CVE-2014-2782 (internet_explorer)

CVE-2014-2782 (internet_explorer)

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.

Source: CVE-2014-2782 (internet_explorer)

CVE-2014-4038 (enterprise_linux_server, linux_enterprise_server, ppc64-diag)

CVE-2014-4038 (enterprise_linux_server, linux_enterprise_server, ppc64-diag)

ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.

Source: CVE-2014-4038 (enterprise_linux_server, linux_enterprise_server, ppc64-diag)