Redhat

Storage

31 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2012-0876

  • EPSS 0.3%
  • Published 03.07.2012 19:55:02
  • Last modified 11.04.2025 00:51:21

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit...

6.5

CVE-2012-0037

Exploit
  • EPSS 0.53%
  • Published 17.06.2012 03:41:40
  • Last modified 11.04.2025 00:51:21

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity ...

9.3

CVE-2012-1938

Exploit
  • EPSS 1.25%
  • Published 05.06.2012 23:55:01
  • Last modified 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex...

6.5

CVE-2012-1798

  • EPSS 1.41%
  • Published 05.06.2012 22:55:10
  • Last modified 11.04.2025 00:51:21

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

6.5

CVE-2012-0260

  • EPSS 1.94%
  • Published 05.06.2012 22:55:07
  • Last modified 11.04.2025 00:51:21

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

5.5

CVE-2012-0248

  • EPSS 0.29%
  • Published 05.06.2012 22:55:07
  • Last modified 11.04.2025 00:51:21

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.

8.8

CVE-2012-0247

  • EPSS 4.21%
  • Published 05.06.2012 22:55:06
  • Last modified 11.04.2025 00:51:21

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.

9.8

CVE-2012-1823

Warning Exploit
  • EPSS 94.39%
  • Published 11.05.2012 10:15:48
  • Last modified 11.04.2025 00:51:21

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by ...

6.8

CVE-2011-3045

  • EPSS 5.81%
  • Published 22.03.2012 16:55:01
  • Last modified 09.06.2025 16:15:22

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly exe...

4.3

CVE-2012-0053

  • EPSS 70.5%
  • Published 28.01.2012 04:05:00
  • Last modified 11.04.2025 00:51:21

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors i...