The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Solaris

vulnerability CVE-2014-9157

Graphviz: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of Graphviz, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, openSUSE Leap, Solaris, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 06/12/2017.
Identifiers: bulletinjul2017, CVE-2014-9157, DSA-3098-1, FEDORA-2014-15811, FEDORA-2014-15812, MDVSA-2014:248, MDVSA-2015:187, openSUSE-SU-2017:3222-1, USN-2435-1, VIGILANCE-VUL-24660.

Description of the vulnerability

An attacker can generate a memory corruption of Graphviz, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-7843 CVE-2017-7844

Mozilla Firefox: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Mozilla Firefox.
Impacted products: Debian, Fedora, Firefox, openSUSE Leap, Solaris, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/12/2017.
Identifiers: bulletinjan2018, CERTFR-2017-AVI-446, CERTFR-2017-AVI-455, CVE-2017-7843, CVE-2017-7844, DLA-1202-1, DSA-4062-1, FEDORA-2017-1be05999bb, FEDORA-2017-2c15e19fb5, FEDORA-2017-bfd2d4afce, FEDORA-2018-16a76da6cc, FEDORA-2018-3ec87df5ba, FEDORA-2018-4e65ec8cc4, FEDORA-2018-e1539d9bc6, MFSA-2017-28, openSUSE-SU-2017:3272-1, RHSA-2017:3382-01, VIGILANCE-VUL-24649.

Description of the vulnerability

An attacker can use several vulnerabilities of Mozilla Firefox.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-14974

GNU Binutils: NULL pointer dereference via _get_synthetic_symtab

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14974, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24629.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-14745

GNU Binutils: integer overflow via _get_synthetic_symtab

Synthesis of the vulnerability

An attacker can generate an integer overflow via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14745, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24628.

Description of the vulnerability

An attacker can generate an integer overflow via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-14729

GNU Binutils: buffer overflow via _get_synthetic_symtab

Synthesis of the vulnerability

An attacker can generate a buffer overflow via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14729, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24627.

Description of the vulnerability

An attacker can generate a buffer overflow via _get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-14529

GNU Binutils: out-of-bounds memory reading via pe_print_idata

Synthesis of the vulnerability

An attacker can force a read at an invalid address via pe_print_idata() of GNU Binutils, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14529, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24626.

Description of the vulnerability

An attacker can force a read at an invalid address via pe_print_idata() of GNU Binutils, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-14333

GNU Binutils: integer overflow via process_version_sections

Synthesis of the vulnerability

An attacker can generate an integer overflow via process_version_sections() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14333, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24625.

Description of the vulnerability

An attacker can generate an integer overflow via process_version_sections() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-14128 CVE-2017-14129 CVE-2017-14130

GNU Binutils: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of GNU Binutils.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: user access/rights, data reading, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-14128, CVE-2017-14129, CVE-2017-14130, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24624.

Description of the vulnerability

An attacker can use several vulnerabilities of GNU Binutils.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-13757

GNU Binutils: out-of-bounds memory reading via elf_i386_get_synthetic_symtab

Synthesis of the vulnerability

An attacker can force a read at an invalid address via elf_i386_get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-13757, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24623.

Description of the vulnerability

An attacker can force a read at an invalid address via elf_i386_get_synthetic_symtab() of GNU Binutils, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-12799

GNU Binutils: buffer overflow via elf_read_notes

Synthesis of the vulnerability

An attacker can generate a buffer overflow via elf_read_notes() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: openSUSE Leap, Solaris.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 04/12/2017.
Identifiers: bulletinapr2018, CVE-2017-12799, openSUSE-SU-2017:3199-1, VIGILANCE-VUL-24622.

Description of the vulnerability

An attacker can generate a buffer overflow via elf_read_notes() of GNU Binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Solaris: