CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

CVE-2006-1566

Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...

CVE-2006-1565

Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...

CVE-2006-1566

Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...

CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

CVE-2006-1564

The CVE-2006-1564 entry concerns libapache2-svn 1.3.0-4 for Subversion on Debian GNU/Linux. The vulnerability stems from untrusted search paths due to RPATH values under /tmp/svn for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, potentially allowing local users to gain privileges by pl...

CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

SUSE Security Announcement: binutils,kdelibs3,kdegraphics3,koffice,dia,lyx (SUSE-SA:2006:007)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUSE Security Announcement Package: binutils,kdelibs3,kdegraphics3,koffice,dia,lyx Announcement ID: SUSE-SA:2006:007 Date: Fri, 10 Feb 2006 15:00:00 +0000 Affected Products: Novell Linux Desktop 9 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE LINUX 9.2 SUSE LIN...

SUSE Linux privilege escalation

Multiple packages are erroneously compiled in a way dynamic libraries are loaded from current directory...

KDE libraries / Konqueror buffer overflow

Buffer overflow on Unicode URL parsing within JavaScript processor...

[ GLSA 200512-18 ] XnView: Privilege escalation

Gentoo Linux Security Advisory GLSA 200512-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

NView / XNView multimedia viewer / browser privilege escalation

Dynamic libraries from current directory are loaded on startup...

CVE-2005-1528

Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LDLIBRARYPATH environment variable that references a malicious library...

[SA18235] XnView / NView Insecure RPATH Vulnerability

TITLE: XnView / NView Insecure RPATH Vulnerability SECUNIA ADVISORY ID: SA18235 VERIFY ADVISORY: http://secunia.com/advisories/18235/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: XnView 1.x http://secunia.com/product/6705/ NView 4.x...

iDefense Security Advisory 12.14.05: Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow

Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow iDefense Security Advisory 12.14.05 www.idefense.com/application/poi/display?id=353&type=vulnerabilities December 14, 2005 I. BACKGROUND Trend Micro Inc.'s ServerProtect provides antivirus scanning with centralized management of virus...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

XSS vulnerabilities

PMASA-2005-8 Announcement-ID: PMASA-2005-8 Date: 2005-12-05 Summary XSS vulnerabilities Description It was possible to conduct an XSS attack via the HTTPHOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS. Severity We consider these...