kernel: tipc: heap overflow in tipc_msg_build()

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

MySQL Handler Multiple Denial Of Service Vulnerabilities

MySQL is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...

Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)

This host is missing a critical security update according to Microsoft Bulletin MS08-052. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Code injection

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...

Vulnerability in Windows Media File Format Could Allow Remote Code Execution

This host is missing a critical security update according to Microsoft Bulletin MS07-068. OpenVAS Vulnerability Test $Id: gbms07-068.nasl 5863 2017-04-05 07:38:11Z antu123 $ Vulnerability in Windows Media File Format Could Allow Remote Code Execution Authors: Madhuri D Copyright: Copyright c 2011...

Vulnerability in Windows Media File Format Could Allow Remote Code Execution

This host is missing a critical security update according to Microsoft Bulletin MS07-068. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)

This host is missing a critical security update according to Microsoft Bulletin MS07-047. OpenVAS Vulnerability Test $Id: gbms07-047.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerabilities in Windows Media Player Could Allow Remote Code Execution 936782 Authors: Madhuri D Copyright: Copyright c 2011...

WordPress < 3.0.4 KSES Library XSS Vulnerability - Active Check

WordPress is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

kernel: tipc: heap overflow in tipc_msg_build()

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

Debian DSA-2139-1 : phpmyadmin - several vulnerabilities

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-4329 Cross site scripting was possible in search, that allowed a remote attacker to inject arbitrary...

CVE-2010-3859

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

CVE-2010-3859

CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...

CVE-2010-3859

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

bind: key algorithm rollover may mark secure answers as insecure

named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...

bind: key algorithm rollover may mark secure answers as insecure

named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...

SuSE 11 / 11.1 Security Update : acroread_ja (SAT Patch Numbers 3638 / 3639)

This update of acroread fixes two critical vulnerabilities. The first one in referenced by CVE-2010-3654 and exists in the integrated authplay component that may allow remote attackers to take control over a victims system. CVE-2010-3654: CVSS v2 Base Score: 6.8 critical AV:N/AC:M/Au:N/C:P/I:P/A:...

Multiple Vulnerabilities in Hycus CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Hycus CMS which could be exploited to perform SQL injection attacks, gain access to sensitive information and compromise vulnerable system. 1 SQL injection vulnerabilities in Hycus CMS: CVE-2010-4612 The...

SuSE 10 Security Update : CUPS (ZYPP Patch Number 7244)

This update fixes the following vulnerabilities in cups : - A specially crafted PDF file could crash the pdftops potentially even cause execution of arbitrary code. CVE-2010-3702: CVSS v2 Base Score: 5.8. CVE-2010-3702 - A NULL pointer dereference issue exists in the WriteProlog function of...

SuSE 11 Security Update : libtheora (SAT Patch Number 2067)

An integer overflow was fixed in libtheora. It could be exploited remotely to execute arbitrary code. CVE-2009-3389: CVSS v2 Base Score: 9.3 HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C: Numeric Errors. CWE-189 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

php: information leak vulnerability in var_export()

The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...