Vulnerabilities > Canonical > Ubuntu Linux > 14.04

DATE CVE VULNERABILITY TITLE RISK
2015-12-17 CVE-2015-8327 Arbitrary Command Execution vulnerability in cups-filters
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
network
low complexity
redhat linuxfoundation canonical debian
7.5
2015-12-15 CVE-2015-8317 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
network
low complexity
debian canonical xmlsoft redhat hp CWE-119
5.0
2015-12-15 CVE-2015-8242 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
5.8
2015-12-15 CVE-2015-8241 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
network
low complexity
debian redhat hp canonical xmlsoft CWE-119
6.4
2015-12-15 CVE-2015-5312 Resource Management Errors vulnerability in multiple products
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
7.1
2015-12-06 CVE-2015-3195 Information Exposure vulnerability in multiple products
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
5.3
2015-12-06 CVE-2015-3194 NULL Pointer Dereference vulnerability in multiple products
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
network
low complexity
openssl canonical debian nodejs CWE-476
7.5
2015-12-06 CVE-2015-3193 Information Exposure vulnerability in multiple products
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.
network
low complexity
openssl nodejs canonical CWE-200
7.5
2015-12-03 CVE-2015-0860 Numeric Errors vulnerability in multiple products
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow.
network
low complexity
canonical debian CWE-189
7.5
2015-11-24 CVE-2015-7981 Information Exposure vulnerability in multiple products
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
network
low complexity
canonical debian redhat libpng CWE-200
5.0