116 matches found
MGASA-2017-0268 Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801,...
SUSE-SU-2017:1575-1 Security update for netpbm
This update for netpbm fixes the following security issues: - CVE-2017-2581: An out-of-bounds write in writeRasterPbm could lead to memory corruption and potential code execution. bsc1024287...
SUSE-SU-2017:0470-1 Security update for xorg-x11-libXpm
This update for xorg-x11-libXpm fixes the following security issue: - A heap overflow in XPM handling could be used by attackers supplying XPM files to crash or potentially execute code. bsc1021315...
SUSE-SU-2016:2872-1 Security update for bash
This update for bash fixes the following issues: - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...
SUSE-SU-2016:1145-1 Security update for php53
This update for php53 fixes the following issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in phargetfpoffset...
Amazon Linux: Security Advisory (ALAS-2013-155)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0131 Updated firefox & thunderbird packages fix security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
Amazon Linux AMI : busybox (ALAS-2012-103)
A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute...
Get Ready for Microsoft 13 updates for August Patch Tuesday
Get Ready for Microsoft 13 updates for August Patch Tuesday Microsoft has announced that it will release 13 bulletins to address 22 vulnerabilities in Windows, Office, Internet Explorer, .NET and Visual Studio on its next Patch Tuesday. Another "critical" bulletin affects Windows server operating...
CentOS Update for thunderbird CESA-2008:0209 centos4 x86_64
Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2008:0209 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2008-2227
The CVE-2008-2227 entry documents a vulnerability in the PHP-Fusion Forum Rank System 6 where remote attackers can exploit directory traversal to include and execute arbitrary local files. Affects the component path by placing a .. (dot dot) in the settings[locale] parameter for two scripts (foru...
DTSA-72-1 hplip - arbitrary command execution
Bulletin has no description...
CVE-2006-3809
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...
ARPUS/Ce - Local File Overwrite (setuid)
/ Copyright Kevin Finisterre - ripped from my perlex.c DISCLAIMER I am in no way responsible for your stupidity. DISCLAIMER I am in no way liable for any damages caused by compilation and or execution of this code. WARNING DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING WARNING overwriting...
CVE-2005-0087
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library...
Singapore Gallery < 0.9.11 Multiple Vulnerabilities
Singapore is a PHP based photo gallery web application. The remote version of this software is affected by multiple vulnerabilities that may allow an attacker to read arbitrary files on the remote host or to execute arbitrary PHP commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
GLSA-200411-30 : pdftohtml: Vulnerabilities in included Xpdf
The remote host is affected by the vulnerability described in GLSA-200411-30 pdftohtml: Vulnerabilities in included Xpdf Xpdf is vulnerable to multiple integer overflows, as described in GLSA 200410-20. Impact : An attacker could entice a user to convert a specially crafted PDF file, potentially...
CVE-2003-0066
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to...
Trillian < 3.1.10.0 Multiple Vulnerabilities
Binary data 4515.prm...
Ethereal 0.x - Multiple iSNS SMB SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS SMB SNMP Protocol Dissector Vulnerabilities // source: https://www.securityfocus.com/bid/10672/info Ethereal 0.10.5 has been released to address multiple vulnerabilities, including an iSNS protocol dissector vulnerability, a SMB protocol dissector vulnerability, and a...