The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Mandriva Business Server

computer vulnerability CVE-2014-9092

libjpeg-turbo: denial of service via Exif Marker

Synthesis of the vulnerability

Impacted products: Fedora, MBS, openSUSE, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 10/07/2018.
Identifiers: CVE-2014-9092, FEDORA-2014-17543, FEDORA-2014-17561, FEDORA-2015-2580, FEDORA-2015-2615, MDVSA-2015:014, MDVSA-2015:152, openSUSE-SU-2014:1637-1, USN-3706-1, USN-3706-2, VIGILANCE-VUL-26665.

Description of the vulnerability

An attacker can cause a fatal error via an Exif marker in libjpeg-turbo, in order to trigger a denial of service.

vulnerability bulletin CVE-2013-4234

libmodplug: buffer overflow via abc_MIDI_drum/gchord

Synthesis of the vulnerability

Impacted products: Debian, Fedora, MBS, openSUSE, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 28/05/2018.
Identifiers: CVE-2013-4234, DSA-2751-1, FEDORA-2014-3791, FEDORA-2014-3795, MDVSA-2013:232, openSUSE-SU-2013:1635-1, openSUSE-SU-2013:1637-1, SUSE-SU-2018:1441-1, VIGILANCE-VUL-26243.

Description of the vulnerability

An attacker can trigger a buffer overflow via abc_MIDI_drum/gchord() in libmodplug, in order to cause a denial of service, and possibly to run code.

vulnerability CVE-2014-9157

Graphviz: memory corruption

Synthesis of the vulnerability

Impacted products: Debian, Fedora, MBS, openSUSE Leap, Solaris, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 06/12/2017.
Identifiers: bulletinjul2017, CVE-2014-9157, DSA-3098-1, FEDORA-2014-15811, FEDORA-2014-15812, MDVSA-2014:248, MDVSA-2015:187, openSUSE-SU-2017:3222-1, USN-2435-1, VIGILANCE-VUL-24660.

Description of the vulnerability

An attacker can trigger a memory corruption in Graphviz, in order to cause a denial of service, and possibly to run code.

vulnerability CVE-2014-3209

ldns: information disclosure via Private Keys

Synthesis of the vulnerability

Impacted products: MBS, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 23/11/2017.
Identifiers: CVE-2014-3209, MDVSA-2014:085, USN-3491-1, VIGILANCE-VUL-24520.

Description of the vulnerability

An attacker can bypass access restrictions to data via private keys in ldns, in order to obtain sensitive information.

vulnerability alert CVE-2012-6303

Snack Sound Toolkit: buffer overflow via GetWavHeader

Synthesis of the vulnerability

Impacted products: Fedora, MBS, openSUSE, openSUSE Leap.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 15/11/2017.
Identifiers: CVE-2012-6303, FEDORA-2013-0098, FEDORA-2013-0110, MDVSA-2013:126, openSUSE-SU-2015:0382-1, openSUSE-SU-2017:3016-1, VIGILANCE-VUL-24451.

Description of the vulnerability

An attacker can trigger a buffer overflow via GetWavHeader in Snack Sound Toolkit, in order to cause a denial of service, and possibly to run code.

vulnerability note CVE-2014-0250

FreeRDP: buffer overflow via Width/Height

Synthesis of the vulnerability

Impacted products: MBS, openSUSE, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 08/08/2017.
Identifiers: CVE-2014-0250, MDVSA-2015:171, openSUSE-SU-2014:0862-1, USN-3380-1, VIGILANCE-VUL-23464.

Description of the vulnerability

An attacker can trigger a buffer overflow via Width/Height in FreeRDP, in order to cause a denial of service, and possibly to run code.

vulnerability alert CVE-2014-9640

vorbis-tools: out-of-bounds memory reading via oggenc

Synthesis of the vulnerability

Impacted products: Debian, Fedora, MBS, openSUSE.
Severity: 1/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 03/07/2017.
Identifiers: CVE-2014-9640, DLA-1010-1, FEDORA-2015-1191, FEDORA-2015-1253, MDVSA-2015:037, openSUSE-SU-2015:0231-1, VIGILANCE-VUL-23121.

Description of the vulnerability

An attacker can force a read at an invalid address via oggenc in vorbis-tools, in order to trigger a denial of service, or to obtain sensitive information.

computer vulnerability note CVE-2014-4975

Ruby: buffer overflow via encodes

Synthesis of the vulnerability

Impacted products: Debian, MBS, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 20/04/2017.
Identifiers: CVE-2014-4975, DSA-3157-1, MDVSA-2014:225, MDVSA-2015:129, openSUSE-SU-2017:1128-1, RHSA-2014:1912-01, RHSA-2014:1913-01, RHSA-2014:1914-01, SUSE-SU-2017:1067-1, USN-2397-1, VIGILANCE-VUL-22519.

Description of the vulnerability

An attacker can trigger a buffer overflow via encodes() in Ruby, in order to cause a denial of service, and possibly to run code.

computer vulnerability announce CVE-2012-4433

gegl: buffer overflow via ppm-load

Synthesis of the vulnerability

Impacted products: Fedora, MBS, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 28/03/2017.
Identifiers: CVE-2012-4433, FEDORA-2013-12075, FEDORA-2013-12108, FEDORA-2013-12115, MDVSA-2013:081, openSUSE-SU-2012:1627-1, openSUSE-SU-2013:0159-1, openSUSE-SU-2017:0828-1, RHSA-2012:1455-01, SSA:2017-270-01, VIGILANCE-VUL-22267.

Description of the vulnerability

An attacker can trigger a buffer overflow via ppm-load in gegl, in order to cause a denial of service, and possibly to run code.

computer vulnerability note CVE-2014-0791

FreeRDP: buffer overflow

Synthesis of the vulnerability

Impacted products: MBS, openSUSE, openSUSE Leap, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 28/09/2016.
Identifiers: CVE-2014-0791, MDVSA-2015:171, openSUSE-SU-2014:0862-1, openSUSE-SU-2016:2400-1, openSUSE-SU-2016:2402-1, USN-3380-1, VIGILANCE-VUL-20709.

Description of the vulnerability

An attacker can trigger a buffer overflow in FreeRDP, in order to cause a denial of service, and possibly to run code.