74 matches found
CVE-2011-4640
Summary (CVE-2011-4640): A local file inclusion in WebTitan/SpamTitan prior to version 3.60 via logs-x.php (fname parameter in the view action) allows remote authenticated users to read arbitrary files by crafting a dot-dot (“..”) path. The Nuclei template confirms the vulnerability class and aff...
Mandriva Update for mplayer MDVSA-2011:088 (mplayer)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for ffmpeg MDVSA-2011:061 (ffmpeg)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2010-4640
XWiki Watch 1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities. The issues arise from user-supplied input in the rev parameter for bin/viewrev/Main/WebHome and bin/view/Blog, and in the register_first_name/register_last_name parameters for bin/register/XWiki/Register. Impact d...
Debian: Security Advisory (DSA-2000-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2000-1] New ffmpeg packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2000-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 18, 2010 http://www.debian.org/security/faq -...
CVE-2009-4640
Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...
CVE-2009-4640
FFmpeg 0.5 contains an array index error in vorbis_dec.c (CVE-2009-4640) that can be triggered by a crafted Vorbis file to cause a denial of service and possibly execute arbitrary code via an out-of-bounds read; this is documented across Mandriva advisories and OpenVAS entries, with patched relea...
CVE-2009-4640
Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...
openSUSE Security Update : jhead (jhead-399)
This update of jhead fixes several security problems : - CVE-2008-4575: buffer overflow in DoCommand - CVE-2008-4639: local symlink attack - CVE-2008-4640: DoCommand allowed deletion of arbitrary files - CVE-2008-4641: execution of arbitrary shell commands in DoCommand %NASLMINLEVEL 70300 C Tenab...
Mandriva Linux Security Advisory : jhead (MDVSA-2009:041)
Security vulnerabilities have been identified and fixed in jhead. Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service crash CVE-2008-4575. Jhead before 2.84 allows local users to overwrite arbitrary files via a symlin...
Fedora 10 : jhead-2.86-1.fc10 (2009-1824)
fixes 'CVE-2008-4640 jhead: arbitrary file deletion' 468056 fixes 'CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes' 468057 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Fedora Core 10 FEDORA-2009-1824 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1824. OpenVAS Vulnerability Test $Id: fcore20091824.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1824 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 9 FEDORA-2009-1776 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1776. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-1776 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1776. OpenVAS Vulnerability Test $Id: fcore20091776.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1776 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora 9 : jhead-2.86-1.fc9 (2009-1776)
fixes 'CVE-2008-4640 jhead: arbitrary file deletion' 468056 fixes 'CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes' 468057 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Mandrake Security Advisory MDVSA-2009:041 (jhead)
The remote host is missing an update to jhead announced via advisory MDVSA-2009:041. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:041 (jhead)
The remote host is missing an update to jhead announced via advisory MDVSA-2009:041. OpenVAS Vulnerability Test $Id: mdksa2009041.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:041 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
The remote host is missing updates announced in advisory SUSE-SR:2009:001. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
openSUSE 10 Security Update : jhead (jhead-5899)
This update of jhead fixes several security problems : - CVE-2008-4575: buffer overflow in DoCommand - CVE-2008-4639: local symlink attack - CVE-2008-4640: DoCommand allowed deletion of arbitrary files - CVE-2008-4641: execution of arbitrary shell commands in DoCommand %NASLMINLEVEL 70300 C Tenab...