Weekly Vulnerabilities Reports > January 30 to February 5, 2012
Overview
2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 2 vendors including Linux, and Redhat. Vulnerabilities are notably categorized as "NULL Pointer Dereference", and "Incorrect Calculation".
- 1 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
1 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-02-02 | CVE-2011-2525 | Linux Redhat | NULL Pointer Dereference vulnerability in multiple products The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | 7.8 |
1 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-02-02 | CVE-2011-1573 | Linux | Incorrect Calculation vulnerability in Linux Kernel net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. | 5.9 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|