Ubuntu Update for ghostscript vulnerabilities USN-961-1
Ubuntu Update for Linux kernel vulnerabilities USN-961-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9611.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for ghostscript vulnerabilities USN-961-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
CVE-2010-0266
Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachme...
Mandriva Update for lftp MDVSA-2010:128 (lftp)
Check for the Version of lftp OpenVAS Vulnerability Test Mandriva Update for lftp MDVSA-2010:128 (lftp) Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CVE-2010-2251
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...
CVE-2010-2252
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL wit...
Input validation
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG...
CVE-2010-2201
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers...
CVE-2010-2202
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210,...
CVE-2010-2203
Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...
Ubuntu Update for cups, cupsys vulnerabilities USN-952-1
Ubuntu Update for Linux kernel vulnerabilities USN-952-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9521.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for cups, cupsys vulnerabilities USN-952-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
Design/Logic Flaw
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances...
CVE-2010-2067
CVE-2010-2067 describes a stack-based buffer overflow in LibTIFF via a long EXIF SubjectDistance field in TIFF images, affecting LibTIFF up to version 3.9.4. The vulnerability allows remote attackers to trigger application crashes or possibly execute arbitrary code. Affected component: LibTIFF (t...
CVE-2010-1753
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image...
CVE-2010-2420
Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a module for the Sleipnir web browser, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the Gecko engine...
CVE-2010-0542
The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrar...
Stack overflow
Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Length header...
CVE-2010-0284
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with...
CVE-2010-2315
PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter...
CVE-2010-2297
rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table...
CVE-2010-2302
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...