FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 06:34:59 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4b3a7e70-afce-11e5-b864-14dae9d210b8mono -- DoS and code execution

NCC Group reports:

An attacker who can cause a carefully-chosen string to be converted to a floating-point number can cause a crash and potentially induce arbitrary code execution.


Discovery 2015-12-19
Entry 2015-12-31
mono
< 4.2

http://seclists.org/oss-sec/2015/q4/543
CVE-2009-0689
c0cae920-c4e9-11e4-898e-90e6ba741e35mono -- TLS bugs

The Mono project reports:

Mono’s implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. Details of this vulnerability are discussed in SKIP-TLS post.

Mono’s implementation of SSL/TLS also contained support for the weak EXPORT cyphers and was susceptible to the FREAK attack.


Discovery 2015-03-06
Entry 2015-03-07
mono
< 3.10.1

>= 3.12 lt 3.12.1

http://www.mono-project.com/docs/about-mono/vulnerabilities/#tls-bugs