CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 65771 | CVE-2013-5824 | Candidate | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852. | Assigned (20130918) | None (candidate not yet proposed) | View | |
| 66027 | CVE-2013-6080 | Candidate | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Assigned (20131011) | None (candidate not yet proposed) | View | |
| 747 | CVE-1999-0767 | Candidate | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | Proposed (19991214) | ACCEPT(4) Baker, Blake, Cole, Dik | MODIFY(2) Frech, Stracener | REVIEWING(2) Christey, Prosser | Stracener> Add Ref: CIAC: J-069 | Frech> XF:sun-libc-lcmessages | Prosser> BID 268 is an additional reference for this one as it has info on the Sun | vulnerability. However, BID 268 also includes AIX in this vulnerability and | refs APARS issued to fix a vulnerability in various "nixs with the Natural | Language Service environmental variables NSLPATH and PATH_LOCALE depending | on the "nix, ref CERT CA-97.10, CVE-1999-0041. However, Georgi Guninski | reported a BO in AIX with LC_MESSAGES + mount, also refed in BID 268, so it | is possible the AIX APARs fix an earlier, similar vulnerability to the Sun | BO in LC_MESSAGES. This should probably be considered under a different | CAN. Any ideas? | Christey> Given that the buffer overflows in CVE-1999-0041 are NLSPATH | and PATH_LOCALE, I"d say that"s good evidence that this is not | the same problem. But a buffer overflow in libc in | LC_MESSAGES... We must ask if these are basically the same | codebase. | | ADDREF CIAC:J-069 | Christey> While the description indicates multiple programs, CD:SF-EXEC | does not apply because the vulnerability was in libc, and | rcp and ufsrestore were both statically linked against libc. | Thus CD:SF-LOC applies, and a single candidate is maintained | because the problem occurred in a library. | Dik> Sun bug 4240566 | Christey> I"m consulting with Casper Dik and Troy Bollinger to see if | this should be combined with the AIX buffer overflows for | LC_MESSAGES; current indications are that they should be | split. | Christey> For further consultation, consider this post, though it"s | associated with CVE-1999-0041: | BUGTRAQ:19970213 Linux NLSPATH buffer overflow | http://www.securityfocus.com/archive/1/6296 | Also add "NLSPATH" and "PATH_LOCALE" to the description to | facilitate search. | View |
| 66283 | CVE-2013-6336 | Candidate | The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | Assigned (20131031) | None (candidate not yet proposed) | View | |
| 1003 | CVE-1999-1023 | Candidate | useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | Proposed (20010912) | ACCEPT(1) Dik | MODIFY(1) Frech | NOOP(3) Cole, Foat, Wall | Dik> sun bug: 4222400 | Frech> XF:solaris-useradd-expired-accounts(8375) | CONFIRM:(2.6)110883-01, (2.6_x86) 110884-01, (7)110869-01, | (7_x86) 110870-01 | View |
Page 18663 of 20943, showing 5 records out of 104715 total, starting on record 93311, ending on 93315
