Ubuntu Update for linux-mvl-dove USN-1303-1

Ubuntu Update for Linux kernel vulnerabilities USN-1303-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13031.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-mvl-dove USN-1303-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu Update for linux-ti-omap4 USN-1304-1

Ubuntu Update for Linux kernel vulnerabilities USN-1304-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13041.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1304-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...

USN-1300-1 : linux-fsl-imx51 vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1299-1)

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to...

Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1301-1)

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

USN-1302-1 : linux-ti-omap4 vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

USN-1300-1: Linux kernel (FSL-IMX51) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

Oracle Outside In CorelDRAW File Parser Integer Overflow (CVE-2011-2264; CVE-2011-3541)

An integer overflow vulnerability has been reported in Oracle Outside-In. The vulnerability is due to improper bounds checking of user-supplied values while parsing malicious CorelDRAW cdr files. A remote attacker may exploit this vulnerability by sending a malicious CDR file to a target user...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

Moderate: Red Hat Security Advisory: kexec-tools security, bug fix, and enhancement update

An updated kexec-tools package that fixes three security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

Cytel Studio CY3 File Processing Buffer Overflow

Added: 12/05/2011 BID: 49924 OSVDB: 75991 Background Cytel Inc. provides clinical trial design services and specialized statistical applications primarily for the biotech and pharmaceutical research markets. StatXact is a statistical software package based on the exact branch of statistics used b...

Adobe Flash Player ATF Data Buffer Overflow (APSB11-28; CVE-2011-2456)

A stack buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient bounds checking of user supplied input while loading Adobe Texture Format ATF data. A remote attacker could exploit this vulnerability by enticing a user to open a web page...

Adobe ColdFusion Multiple Path Disclosure Vulnerabilities (Nov 2011)

Adobe ColdFusion is prone to multiple path disclosure vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Wireshark LWRES Dissector getaddrsbyname Buffer Overflow (CVE-2010-0304)

A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to insufficient boundary checking in the getaddrsbyname method. A remote attacker may exploit this vulnerability by sending an overly long string parameter to this method. Successful exploitation would allow...

Thunderbird 7.x Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 7.x is potentially affected by the following security issues : - Certain invalid sequences are not handled properly in 'Shift-JIS' encoding, which can allow cross-site scripting attacks. CVE-2011-3648 - Profiling JavaScript files with many functions can cause...

Microsoft Windows TrueType Font File Parsing Code Execution (CVE-2011-3402)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to improper bounds checking when parsing specially crafted TrueType Font TTF files. A remote attacker may exploit this vulnerability by enticing an affected user to open a specially crafted TTF...

Permission Checking Bug in FishEye Changeset Tooltips

We have identified and fixed a permission checking bug in the FishEye changeset tooltips. Affected versions are 2.4.6 to 2.5.6 This bug allows users to view metadata for a changesets that they do not have permission to view. This issue is reported in our security advisory on the following page:...

Permission Checking Bug in FishEye Changeset Tooltips

We have identified and fixed a permission checking bug in the FishEye changeset tooltips. Affected versions are 2.4.6 to 2.5.6 This bug allows users to view metadata for a changesets that they do not have permission to view. This issue is reported in our security advisory on the following page:...

EMC AutoStart Login Request Stack Buffer Overflow (CVE-2011-2735)

A remote code execution vulnerability has been reported in EMC AutoStart. The vulnerability is due to improper boundary checking in EMC AutoStart's Agent Service. A remote attacker may exploit this vulnerability by sending a malicious Login request to an affected service. Successful exploitation...

Adobe Photoshop CS5 GIF File Heap Corruption (CVE-2011-2131)

A remote code execution vulnerability has been reported in Adobe Photoshop CS5. The vulnerability is due to insufficient boundary checking while handling crafted GIF files. A remote attacker may trigger this vulnerability by enticing an unsuspecting user to open a malicious GIF file. Successful...