» 2017 » 2월

CVE-2017-6004

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-6004

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression.

Source: CVE-2017-6004

CVE-2017-6010

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-6010

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.

Source: CVE-2017-6010

CVE-2017-0320

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0320

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper handling of values may cause a denial of service on the system.

Source: CVE-2017-0320

CVE-2017-0309

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0309

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service or potential escalation of privileges.

Source: CVE-2017-0309

CVE-2017-0317

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0317

All versions of NVIDIA GPU and GeForce Experience installer contain a vulnerability where it fails to set proper permissions on the package extraction path thus allowing a non-privileged user to tamper with the extracted files, potentially leading to escalation of privileges via code execution.

Source: CVE-2017-0317

CVE-2017-0308

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0308

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where untrusted input is used for buffer size calculation leading to denial of service or escalation of privileges.

Source: CVE-2017-0308

CVE-2017-0322

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0322

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a value passed from a user to the driver is not correctly validated and used as the index to an array, leading to denial of service or potential escalation of privileges.

Source: CVE-2017-0322

CVE-2017-0310

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0310

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.

Source: CVE-2017-0310

CVE-2017-0323

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0323

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

Source: CVE-2017-0323

CVE-2017-0321

Posted on 2017년 2월 16일2017년 2월 16일 by admin

CVE-2017-0321

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

Source: CVE-2017-0321