5 matches found
DEBIAN-CVE-2010-4530
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...
DEBIAN-CVE-2010-2431
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the 1 /var/cache/cups/remote.cache or 2 /var/cache/cups/job.cache file...
DEBIAN-CVE-2010-2350
Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PNG file...
DEBIAN-CVE-2010-1748
The cgiinitializestring function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % percent character without two subsequent hex characters, which...
DEBIAN-CVE-2010-2060
The put command functionality in beanstalkd 1.4.5 and earlier allows remote attackers to execute arbitrary Beanstalk commands via the body in a job that is too big, which is not properly handled by the dispatchcmd function in prot.c...