SUSE Linux Enterprise Server vulnerabilities
131 known vulnerabilities affecting suse/suse_linux_enterprise_server.
Total CVEs: 131
CISA KEV: 2 (actively exploited)
Public exploits: 13
Exploited in wild: 3
Severity breakdown: CRITICAL 34, HIGH 51, MEDIUM 36, LOW 10
Vulnerabilities
CVE-2013-5615 [CRITICAL] CVSS 9.8, v11, 2013-12-11
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
nvd
CVE-2013-5613 [CRITICAL] CWE-416, CVSS 9.8, v11, 2013-12-11
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related
nvd
CVE-2013-5616 [CRITICAL] CWE-416, CVSS 9.8, v11, 2013-12-11
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listen
nvd
CVE-2013-6671 [CRITICAL] CWE-94, CVSS 9.8, v11, 2013-12-11
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
nvd
CVE-2013-5609 [CRITICAL] CVSS 9.8, v11, 2013-12-11
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
nvd
CVE-2013-5618 [CRITICAL] CWE-416, CVSS 9.8, v11, 2013-12-11
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
nvd
CVE-2011-1585 [LOW] CWE-264, CVSS 3.3, v10, 2013-06-08
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
nvd
CVE-2012-5830 [HIGH] CWE-416, CVSS 8.8, v10, v11, 2012-11-21
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
nvd
CVE-2011-3026 [MEDIUM] CWE-190, CVSS 6.8, v11, 2012-02-16
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
nvd
CVE-2010-3881 [LOW] CWE-200, CVSS 2.1, v11, 2010-12-23
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
nvd
CVE-2010-4494 [HIGH] CWE-415, CVSS 7.5, v11, 2010-12-07
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
nvd
CVE-2010-4008 [MEDIUM] CWE-119, CVSS 4.3, v10, v11, 2010-11-17
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
nvd
CVE-2010-2537 [HIGH] CVSS 7.1, v11, 2010-09-30
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
nvd
CVE-2010-3081 [HIGH] CWE-119, CVSS 7.8, Exploited, PoC, v11, 2010-09-24
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER ge
nvd
CVE-2010-2942 [MEDIUM] CWE-401, CVSS 5.5, v10, v11, 2010-09-21
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gac
nvd
CVE-2010-3078 [MEDIUM] CWE-200, CVSS 5.5, v11, 2010-09-21
The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.
nvd
CVE-2010-2495 [CRITICAL] CWE-476, CVSS 10.0, v11, 2010-09-08
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing cha
nvd
CVE-2010-2798 [HIGH] CWE-476, CVSS 7.8, v11, 2010-09-08
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, rela
nvd
CVE-2010-2960 [HIGH] CWE-476, CVSS 7.8, v11, 2010-09-08
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl fu
nvd
CVE-2010-2524 [HIGH] CVSS 7.8, v11, 2010-09-08
The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, rel
nvd