AZL-6509 CVE-2010-0309 affecting package kernel for versions less than 5.10.78.1-1

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

Update: [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)

Update: ------- Patch was ineffective, Length2 was fixed and both SVGNumber and SVGNumber2, but no SVGLength. Affected products : - All firefox versions below 3.5...

Solaris Update for Obsoleted by 121395-03

Check for the Version of Obsoleted by OpenVAS Vulnerability Test Solaris Update for Obsoleted by 121395-03 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Solaris Update for Install and Utilities 119255-65

Check for the Version of Install and Utilities OpenVAS Vulnerability Test Solaris Update for Install and Utilities 119255-65 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Solaris Update for Obsoleted by 116454-02

Check for the Version of Obsoleted by OpenVAS Vulnerability Test Solaris Update for Obsoleted by 116454-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

AZL-37061 CVE-2008-3908 affecting package wordnet for versions less than 3.0-43

Multiple buffer overflows in Princeton WordNet wn 3.0 allow context-dependent attackers to execute arbitrary code via 1 a long argument on the command line; a long 2 WNSEARCHDIR, 3 WNHOME, or 4 WNDBVERSION environment variable; or 5 a user-supplied dictionary aka data file. NOTE: since WordNet...

AZL-6512 CVE-2007-4998 affecting package kernel for versions less than 5.10.78.1-1

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination...

AZL-34843 CVE-2007-4998 affecting package kernel for versions less than 6.6.35.1-4

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination...

AZL-34672 CVE-2007-6109 affecting package emacs for versions less than 29.1-1

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service application crash and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval...

Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)

Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.ex...

AZL-6828 CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1

Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

security flaw

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service crash via an ext2 stream with malformed data structures that triggers an error in the ext2checkpage due to a length that is smaller than the minimum...

xoops-xfsection.txt

XOOPS Module XFsection Remote File Inclusion version: 1.07 source : http://prdownloads.sourceforge.net/xoops/xoops2-modxfsection-107.zip Discovered by SpLo1T from hTTp://hacking.3Xforum.Ro Bug : http://www.site.com/modules/xfsection/modify.php?dirmodule=evilcode.txt? Shoutz t0 :...

AZL-35079 CVE-2007-2768 affecting package openssh for versions less than 9.5p1-2

OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar issue to CVE-2007-2243...

Konversation IRC Client < 0.15.1 Multiple Remote Vulnerabilities

Binary data 2547.prm...

Owl < 0.74.0 Multiple Vulnerabilities

Binary data 2479.prm...

PHP Live! < 2.8.2 Remote Configuration File Include

Binary data 2447.prm...

Moodle < 1.4.3 Glossary Module SQLi

Binary data 2388.prm...

Quicktime < 6.5.2

The remote Mac OS X host is running a version of Quicktime that is older than Quicktime 6.5.2. The remote version of this software reportedly fails to check bounds properly when decoding BMP images, leading to a heap overflow. If a remote attacker can trick a user into opening a maliciously craft...

WordPress < 1.2.1 'wp-login.php' HTTP Response Splitting

Binary data 2356.prm...