136 matches found
MDVA-2011:011 : mono-tools
A dependency problem was discovered with mono-tools in that it required a much older version of libxulrunner than the current latest one, this advisory addresses this problem. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:...
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:042)
Security issues were identified and fixed in mozilla-thunderbird : Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service memory...
Mandriva Linux Security Advisory : firefox (MDVSA-2011:041)
Cross-site request forgery CSRF vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a...
Mandriva Update for avahi MDVSA-2011:037 (avahi)
Check for the Version of avahi OpenVAS Vulnerability Test Mandriva Update for avahi MDVSA-2011:037 avahi Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
MDVA-2011:007 : clamav
This is a bugfix release that upgrades clamav to the latest version 0.97. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/productinfo.php?cPath=149&productsid=490 %NASLMINLEVEL 70300 @DEPRECATED@ This script...
Mandriva Linux Security Advisory : banshee (MDVSA-2011:034)
A vulnerability has been found and corrected in banshee : The 1 banshee-1 and 2 muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Mandriva Linux Security Advisory : eclipse (MDVSA-2011:032)
A vulnerability has been found and corrected in eclipse : Multiple cross-site scripting XSS vulnerabilities in the Help Contents web application aka the Help Server in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 help/index.jsp o...
Mandriva Linux Security Advisory : tomcat5 (MDVSA-2011:030)
Multiple vulnerabilities has been found and corrected in tomcat5 : When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the...
Mandriva Update for openssl MDVSA-2011:028 (openssl)
Check for the Version of openssl OpenVAS Vulnerability Test Mandriva Update for openssl MDVSA-2011:028 openssl Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for mysql MDVA-2011:005 (mysql)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Linux Security Advisory : proftpd (MDVSA-2011:023)
A vulnerability has been found and corrected in proftpd : Heap-based buffer overflow in the sqlpreparewhere function contrib/modsql.c in ProFTPD before 1.3.3d, when modsql is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted...
Mandriva Linux Security Advisory : postgresql (MDVSA-2011:021)
A vulnerability was discovered and corrected in postgresql : Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to...
Mandriva Linux Security Advisory : pango (MDVSA-2011:020)
A vulnerability has been found and corrected in pango : Heap-based buffer overflow in the pangoft2fontrenderboxglyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of servi...
MDVA-2011:002 : cyrus-sasl
The saslauth daemon cyrus-sasl could crash under heavy load. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/productinfo.php?cPath=149&productsid=490 The updated packages has been patched to address this...
Mandriva Linux Security Advisory : xfig (MDVSA-2011:010)
Multiple vulnerabilities has been found and corrected in xfig : Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute...
Mandriva Linux Security Advisory : subversion (MDVSA-2011:006)
Multiple vulnerabilities has been found and corrected in subversion : The walk function in repos.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service NULL pointer dereference and...
Mandriva Update for sudo MDVSA-2011:018 (sudo)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for cyrus-sasl MDVA-2011:002 (cyrus-sasl)
Check for the Version of cyrus-sasl OpenVAS Vulnerability Test Mandriva Update for cyrus-sasl MDVA-2011:002 cyrus-sasl Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
Mandriva Update for libxml2 MDVSA-2010:260 (libxml2)
Check for the Version of libxml2 OpenVAS Vulnerability Test Mandriva Update for libxml2 MDVSA-2010:260 libxml2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for xulrunner MDVA-2010:242 (xulrunner)
Check for the Version of xulrunner OpenVAS Vulnerability Test Mandriva Update for xulrunner MDVA-2010:242 xulrunner Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...