condor: buffer overflow in lookup_macro

Stack-based buffer overflow in the condor schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

Apache Tomcat's default security policy is too open

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...

Amarok 'MagnatuneBrowser::listDownloadComplete()'不安全临时文件建立漏洞

BUGTRAQ ID: 30662 CNCAN ID：CNCAN-2008081412 Amarok是一款Linux/Unix平台下的音乐播放器。 Amarok不安全处理临时文件，本地攻击者可以利用漏洞通过符号链接攻击破坏系统文件。 问题存在于'MagnatuneBrowser::listDownloadComplete'函数中，由于不安全建立临时文件，攻击者通过符号链接以用户进程权限覆盖系统的任意文件，造成拒绝服务或特权提升。 Amarok 1.4.9 1 目前没有解决方案提供： http://amarok.kde.org/...

mysql server DoS

No description is available for this CVE...

PHP 32 bit weak random seed

The GENERATESEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mtrand functions an...

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

Java Web Start, untrusted application may determine Cache Location (6704074)

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...

ruby: Integer overflows in rb_str_buf_append()

Multiple integer overflows in the rbstrbufappend function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that...

[SECURITY] Fedora 9 Update: jetty-5.1.14-1jpp.2.fc9

Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in order to use java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...

No title provided

The initrequestinfo function in sapi/cgi/cgimain.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATHTRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI...

Firefox file location escaping flaw

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting XSS attacks or have unspecified other impact via a crafted filename...

mod_jk chunk too long

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajpprocesscallback in modjk, which allows remote attackers to read portions of sensitive memory...

bash bug fix update

2.05b-41.7.0.2 - Removed the dependency on libncurses.so...

JRE image parsing library allows privilege escalation (CVE-2008-1194)

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application...

JRE image parsing library allows privilege escalation (CVE-2008-1194)

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application...

tk: GIF handling buffer overflow

Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk Tcl/Tk before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484...

Applets or Applications are allowed to display an oversized window

Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...

Mozilla layout engine crashes

The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via vectors related to the 1 nsTableFrame::GetFrameAtOrBefore, 2...