» 2017 » 2월

CVE-2016-4488 (libiberty)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-4488 (libiberty)

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."

Source: CVE-2016-4488 (libiberty)

CVE-2016-2226 (libiberty)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-2226 (libiberty)

Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.

Source: CVE-2016-2226 (libiberty)

CVE-2016-4042 (plone)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-4042 (plone)

Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

Source: CVE-2016-4042 (plone)

CVE-2016-4487 (libiberty)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-4487 (libiberty)

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."

Source: CVE-2016-4487 (libiberty)

CVE-2016-5027 (libdwarf)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-5027 (libdwarf)

dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file.

Source: CVE-2016-5027 (libdwarf)

CVE-2016-4493 (libiberty)

Posted on 2017년 2월 25일2017년 2월 28일 by admin

CVE-2016-4493 (libiberty)

The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.

Source: CVE-2016-4493 (libiberty)

CVE-2016-4043

Posted on 2017년 2월 25일2017년 2월 25일 by admin

CVE-2016-4043

Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.

Source: CVE-2016-4043

CVE-2016-4042

Posted on 2017년 2월 25일2017년 2월 25일 by admin

CVE-2016-4042

Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

Source: CVE-2016-4042

CVE-2016-4041

Posted on 2017년 2월 25일2017년 2월 25일 by admin

CVE-2016-4041

Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors.

Source: CVE-2016-4041

CVE-2016-4491

Posted on 2017년 2월 25일2017년 2월 25일 by admin

CVE-2016-4491

The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."

Source: CVE-2016-4491