5568 matches found
DEBIAN-CVE-2006-3404
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property...
CVE-2004-0138
CVE-2004-0138 affects the Linux kernel 2.4 series prior to 2.4.25. The vulnerability lies in the ELF loader: a crafted ELF with an invalid interpreter arch triggers a BUG() when an invalid VMA is unmapped, allowing local denial of service (crash). The issue is mitigated by upgrading to 2.4.25 or ...
CVE-2004-0138
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped...
PT-2006-3356 · Popphoto · Popphoto Studio
Name of the Vulnerable Software and Affected Versions: PopPhoto Studio versions 3.5.4 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter, specifically through the cfg'popphoto base path' variable in the...
USN-263-1: Linux kernel vulnerabilities
A flaw was found in the module reference counting for loadable protocol modules of netfilter. By performing particular socket operations, a local attacker could exploit this to crash the kernel. This flaw only affects Ubuntu 5.10. CVE-2005-3359 David Howells noticed a race condition in the addkey...
Ubuntu 4.10 / 5.04 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-263-1)
A flaw was found in the module reference counting for loadable protocol modules of netfilter. By performing particular socket operations, a local attacker could exploit this to crash the kernel. This flaw only affects Ubuntu 5.10. CVE-2005-3359 David Howells noticed a race condition in the addkey...
Ubuntu 4.10 / 5.04 / 5.10 : gtk+2.0, gdk-pixbuf vulnerabilities (USN-216-1)
Two integer overflows have been discovered in the XPM image loader of the GDK pixbuf library. By tricking a user into opening a specially crafted XPM image with any Gnome desktop application that uses this library, this could be exploited to execute arbitrary code with the privileges of the user...
USN-216-1: GDK vulnerabilities
Two integer overflows have been discovered in the XPM image loader of the GDK pixbuf library. By tricking a user into opening a specially crafted XPM image with any Gnome desktop application that uses this library, this could be exploited to execute arbitrary code with the privileges of the user...
iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability
Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability iDEFENSE Security Advisory 11.15.05 www.idefense.com/application/poi/display?id=339&type=vulnerabilities November 15, 2005 I. BACKGROUND GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a...
Slackware 10.0 / current : GTK+ image loading flaws (SSA:2004-266-02)
New GTK+ version 2 packages are available for Slackware 10.0 and -current to fix issues in the image loader routines that can crash applications. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security...
[Full-disclosure] JBoss jBPM 2.0: Remote code execution and classloader covert channel
Security Advisory: jBPM 2.0 Date: 06/22/05 URL: http://www.illegalaccess.org/java/jbpm.php "JBoss jBPM is a flexible, extensible workflow management system." jbpm.org Problem 1: Remote code execution possible with jBPM. This allows an attacker to trigger an arbitrary executable on the jBPM/ JBo...
Fedora Core 2 : kernel-2.6.10-1.771_FC2 (2005-262)
Sun Mar 27 2005 Dave Jones - Catch up with all recent security issues. - CVE-2005-0210 : dst leak - CVE-2005-0384 : ppp dos - CVE-2005-0531 : Sign handling issues. - CVE-2005-0400 : EXT2 information leak. - CVE-2005-0449 : Remote oops. - CVE-2005-0736 : Epoll overflow - CVE-2005-0749 : ELF loader...
Linux kernel ELF core dump privilege elevation
Hi, since it became clear from the discussion in January about the uselib vulnerability, that the Linux community prefers full, non-embargoed disclosure of kernel bugs, I release full details right now. However to follow at least some of the...
Subversion 0.3.71.0.0 - Remote Buffer Overflow
Subversion 0.3.71.0.0 - Remote Buffer Overflow / hoagiesubversion.c Remote exploit against Subversion-Servers. Author: greuff Tested on Subversion 1.0.0 and 0.37 Algorithm: This is a two-stage exploit. The first stage overflows a buffer on the stack and leaves us 60 bytes of machine code to be...
CVE-2005-0975
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header...
CVE-2005-0975
CVE-2005-0975 describes an integer signedness error in the Darwin kernel’s mach-o loader (mach_loader.c) used by Mac OS X 10.3.7 and earlier versions (before 10.3.9). The vulnerability allows local users to cause a denial of service (CPU consumption) by presenting a crafted mach-o header. The pro...
PT-2005-2197 · Ariadne · Ariadne Cms
Name of the Vulnerable Software and Affected Versions: Ariadne CMS version 2.4 Description: The issue concerns a PHP remote code injection vulnerability in loader.php, allegedly allowing remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remo...
USN-103-1: Linux kernel vulnerabilities
Mathieu Lafon discovered an information leak in the ext2 file system driver. When a new directory was created, the ext2 block written to disk was not initialized, so that previous memory contents which could contain sensitive data like passwords became visible on the raw device. This is...
CVE-2004-1071
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code...