1913 matches found
USN-1430-3: Thunderbird vulnerabilities
USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory details: Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory...
USN-1435-1: ImageMagick vulnerabilities
Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick incorrectly handled certain ResolutionUnit tags. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute...
Ubuntu Update for libpng USN-1417-1
Ubuntu Update for Linux kernel vulnerabilities USN-1417-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14171.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libpng USN-1417-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libpng vulnerability (USN-1417-1)
It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the...
Apache Httpd < 2.2.23 : insecure LD_LIBRARY_PATH handling
Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory...
Ubuntu: Security Advisory (USN-1355-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Integer overflow
Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption and application crash via crafted DNS data...
DSA-2403-1 php5 - code injection
Bulletin has no description...
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : qemu-kvm vulnerability (USN-1339-1)
Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. When using QEMU with libvirt or...
CVE-2011-4373
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372...
Mandriva Update for libarchive MDVSA-2011:191 (libarchive)
Check for the Version of libarchive OpenVAS Vulnerability Test Mandriva Update for libarchive MDVSA-2011:191 libarchive Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
OpenPAM - 'pam_start()' Local Privilege Escalation
source: https://www.securityfocus.com/bid/50607/info OpenPAM is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected...
Squid: Multiple vulnerabilities
Background Squid is a full-featured web proxy cache. Description Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to execute arbitrary code with the privileges of the Squid...
CVE-2011-2816
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1...
Heap overflow
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434...
Apple Releases Safari 5.1 and 5.0.6
Apple has released Safari 5.1 and 5.0.6 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site scripting attack, or disclose sensitive information. US-CERT encourages users and administrators to review Apple Support Article...
Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...
CVE-2011-2098
CVE-2011-2098 affects Adobe Reader and Acrobat on Windows and macOS, with the vulnerability stemming from memory corruption in multiple versions. Specifically, affected are Adobe Reader/Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1; exploitation could lead to arbitrary code execu...
Google Chrome Releases 12.0.742.91
Google has released Chrome 12.0.742.91 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
FestOS <= 2.3c TinyBrowser File Upload Code Execution
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...