CVE-2011-0498
Published 2011-01-20
CVE-2011-0498: Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of…
Priority P345 · critical · 9.3 · CVSS 2.0
AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 5.74% (92.1th percentile)
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nokia | multimedia_player | — | — |
CVSS provenance
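| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| vendor_redhat | — | 7.8 | HIGH | — |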
GHSA
GHSA-9q86-3mhw-gx84: Stack-based buffer overflow in Nokia Multimedia Player 1
ghsa_unreviewed·2022-05-17
CVE-2011-0498 [HIGH] CWE-119 GHSA-9q86-3mhw-gx84: Stack-based buffer overflow in Nokia Multimedia Player 1
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
Red Hat
kernel: DoS (crash) due slab corruption in inotify_init1 (incomplete fix for CVE-2010-4250)
vendor_redhat·2011-04-05·CVSS 4.9
CVE-2011-1479 [MEDIUM] kernel: DoS (crash) due slab corruption in inotify_init1 (incomplete fix for CVE-2010-4250)
Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-4250.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0498.html and https://rhn.redhat.com/errata/RHSA-2011-1253.html.
Package: kernel (Red Hat Enterprise Linux 6) - Affected
Package: kernel (Red Hat Enterprise Linux Extended Update Su
Red Hat
ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow
vendor_redhat·2011-03-10·CVSS 7.8
CVE-2011-2534 [HIGH] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow
Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character.
Statement: This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for ipt_CLUSTERIP. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via http://rhn.redhat.com/errata/RHSA-2011-0833.html, http://rhn.redhat.com/errata/RHSA-2011-0498.html, and http://rhn.redhat.com/errata/RHSA-2011-0500.html.
Package: kernel (Red Hat Enterprise Linux
Red Hat
kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
vendor_redhat·2011-02-24·CVSS 1.9
CVE-2011-1019 [LOW] kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.
Statement: This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit a8f80e8f that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0498.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html.
Red Hat
kernel: drm/radeon/kms: check AA resolve registers on r300
vendor_redhat·2011-02-14·CVSS 1.9
CVE-2011-1016 [LOW] kernel: drm/radeon/kms: check AA resolve registers on r300
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG as they did not backport the upstream commits fff1ce4d and 45e4039c that introduced this issue. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-0498.html.
Package: kernel-rt (Red Hat Enterprise MRG 1) - Affected
Red Hat
kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
vendor_redhat·2011-02-10·CVSS 2.1
CVE-2011-0711 [LOW] kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
Statement: This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for the XFS file system. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-0498.html, and https://rhn.redhat.com/errata/RHSA-2011-0500.html.
No detection rules found.
Published: 2011-01-20