spamassassin security update
CentOS Errata and Security Advisory CESA-2007:0492 Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to...
Multiple mutt tempfile race conditions
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems...
CVE-2007-2519
Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attribute in the install element in package.xm...
Directory traversal
Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attribute in the install element in package.xm...
Code injection
The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll, when Internet Explorer 6 is used, allows remote attackers to overwrite arbitrary files via a full pathname to the SaveToFile function, a different vulnerability than CVE-2007-2744...
CVE-2007-2755
CVE-2007-2755 : The PrecisionID Barcode 1.9 ActiveX control (PrecisionID_Barcode.dll) is vulnerable when used with Internet Explorer 6. An attacker can overwrite arbitrary files by passing a full pathname to the SaveToFile function, representing a file-write condition that is separate from CVE-20...
DEBIAN-CVE-2007-2654
xfsfsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems...
CVE-2007-2654
xfsfsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems...
PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite
PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite source: https://www.securityfocus.com/bid/24111/info PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribut...
CVE-2007-0237
The ndeb-binary feature in Lookup (lookup-el) allows local users to overwrite arbitrary files via a symlink attack on temporary files...
Authentication flaw
Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...
CVE-2007-1384
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename...
UBUNTU-CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter the...
CVE-2007-0007
gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.PID temporary files...
CVE-2007-0898
Directory traversal vulnerability in clamd in Clam AntiVirus (ClamAV) before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message...
CVE-2007-0915
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request...
CVE-2007-0915
CVE-2007-0915 affects the HP-UX SLSd service (Distributed SLS daemon) on HP-UX B.11.11. The vulnerability allows remote attackers to overwrite arbitrary files and gain privileges by sending a crafted RPC request. The NVD entry lists a high impact with CVSS v2 base score 10.0 (AV:N/AC:L/Au:N/C:C/I...