Imlib 2: User-assisted execution of arbitrary code

Background Imlib 2 is an advanced replacement library for libraries like libXpm. Description Stefan Cornelius Secunia Research reported two boundary errors in Imlib2: One of them within the load function in the file src/modules/loaders/loaderpnm.c when processing the header of a PNM image file,...

CVE-2008-2388

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...

Code injection

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...

CVE-2008-2388

CVE-2008-2388 affects opensuse-updater in openSUSE 10.2. The vulnerability is described as multiple off-by-one errors in the updater component, with the impact and attack vectors stated as unspecified. The vendor notes these “can be considered no security problem,” and no concrete exploitation de...

CVE-2008-2388

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...

setroubleshoot security and bug fix update

setroubleshoot: 2.0.5-3.0.1.el5 - replace missed references to bugzilla.redhat.com with linux.oracle.com 2.0.5-3 - Resolve: bug 436564: socket.getsockopt on ppc generates exception Fix typo in original setroubleshoot-getcredentials.patch 2.0.5-2 - Resolve: bug 437857: python error in system...

Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Joovili 3.1 browse.videos.php category SQL Injection Vulnerability ==================================================================== -Joovili- Rem0te SQL Injection...

Directory traversal

Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to 1 index.php, 2 editpassword.php, and 3 avatar.php in usercp/; 4 custompage.php; 5...

Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities

No description provided by source. Exero CMS 1.0.1 theme Multiple Local File Inclusion Vulnerabilities Script : http://switch.dl.sourceforge.net/sourceforge/exerocms/ExeroCMS1-0-1.rar Home Page : http://ecms.getox.net/ POC : /ExeroCMS1-0-1/themes/Default/usercp/index.php?theme=Local File %00...

USN-582-2: Thunderbird regression

USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that...

Dovecot mail_extra_groups setting is often used insecurely

mailextragroups=mail setting is often used insecurely to give Dovecot access to create dotlocks to /var/mail directory. If you don't use mboxes in /var/mail, make sure this setting is cleared. If you do use /var/mail mboxes and Dovecot gives permission errors without it, do one of the following i...

Important: cups security update

1.1.17-13.3.51 - Prevented invalid memory accesses when a class and its singleton printer are timed out in the same sweep CVE-2008-0597, bug 433827. 1.1.17-13.3.50 - Back-ported mimeDeleteType from 1.2.x CVE-2008-0596, bug 433827. 1.1.17-13.3.49 - Prevent double-free when a browsed class has the...

GLSA-200802-05 : Gnumeric: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200802-05 Gnumeric: User-assisted execution of arbitrary code Multiple integer overflow and signedness errors have been reported in the excelreadHLINK function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcode...

Memory corruption

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block FIB of a Word file, which triggers length calculation errors and memory corruption...

CVE-2008-0109

CVE-2008-0109 affects Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Word Viewer 2003. The root cause is a memory corruption in parsing certain fields in the File Information Block (FIB) of Word documents, triggered by crafted content, enabling remote code execution. Impact is fu...

CVE-2008-0109

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block FIB of a Word file, which triggers length calculation errors and memory corruption...

Gnumeric: User-assisted execution of arbitrary code

Background The Gnumeric spreadsheet is a versatile application developed as part of the GNOME Office project. Description Multiple integer overflow and signedness errors have been reported in the excelreadHLINK function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcodes. Impa...

Fedora 8 : gnumeric-1.6.3-14.fc8 (2008-1403)

Fix integer overflow and signedness errors in XLS processing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 7 : openldap-2.3.34-6.fc7 (2008-1307)

Tue Feb 5 2008 Jan Safranek 2.3.34-6 - fix CVE-2007-6698 431409 - Mon Jan 14 2008 Jan Safranek 2.3.34-5 - fix default slurpd directory to /var/lib/ldap 424831 - Fri Nov 2 2007 Jan Safranek 2.3.34-4 - fix various security flaws 360081 - Fri Jul 13 2007 Jan Safranek 2.3.34-3 - Fix initscript return...

Fedora 7 : gnumeric-1.6.3-14.fc7 (2008-1313)

Fix integer overflow and signedness errors in XLS processing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...