CVE-2011-0347

This CVE (CVE-2011-0347) corresponds to a high-severity vulnerability in Microsoft Internet Explorer on Windows XP, involving an incorrect GUI display triggered via DOM-related vectors (cross_fuzz). The OpenVAS entries group this under a Windows Shell/IE flaw (MS11-006) with a CVSS v2 base score ...

Memory corruption

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service heap memory corruption and panic or possibly have unspecified other impact via malformed 1 X25FACCALLINGAE or 2 X25FACCALLEDAE data, related t...

CVE-2010-4565

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

Design/Logic Flaw

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

CVE-2010-3859

CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...

CVE-2010-3874

CVE-2010-3874: Heap-based buffer overflow in the bcm_connect function of net/can/bcm.c (Broadcast Manager) in the Linux kernel CAN implementation. Affects 64-bit kernels, before 2.6.36.2, enabling local attackers to cause memory corruption and a denial of service via a connect operation. The conn...

CVE-2010-4565

The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...

CVE-2010-3859

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipcmsgbuild function in net/tipc/msg.c and the verifyiovec function in...

web Thunder remote arbitrary file reading vulnerability-vulnerability warning-the black bar safety net

web Thunderbolt in the design and implementation problems, leading to a malicious attacker can read the install web Thunder user on the machine any files web Thunderbolt in the present machine there is a webserver, and the binding at 0. 0. 0. 0, while for the web request processing is not...

Fedora Update for bind FEDORA-2010-18469

Check for the Version of bind OpenVAS Vulnerability Test Fedora Update for bind FEDORA-2010-18469 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVE-2009-2189

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...

CVE-2010-3769

The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted...

[SECURITY] Fedora 14 Update: bind-9.7.2-4.P3.fc14

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 13 Update: udev-153-5.fc13

The udev package contains an implementation of devfs in userspace using sysfs and netlink...

SuSE 11 / 11.1 Security Update : Linux kernel (SAT Patch Numbers 3144 / 3147 / 3148 / 3163 / 3171)

This security update of the SUSE Linux Enterprise 11 GA kernel fixes 3 critical security issues. Following security bugs were fixed : - Mismatch between 32bit and 64bit register usage in the system call entry path could be used by local attackers to gain root privileges. This problem only affects...

krb5 security update

CentOS Errata and Security Advisory CESA-2010:0926 Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVS...

Design/Logic Flaw

The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service host OS crash via a KVMRUN ioctl call in conjunction with a modified Local Descriptor Table LDT...

Mandriva Update for libalsa2 MDVA-2010:227 (libalsa2)

Check for the Version of libalsa2 OpenVAS Vulnerability Test Mandriva Update for libalsa2 MDVA-2010:227 libalsa2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CVE-2010-3804

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

kernel: nfsd4: bug in read_buf

Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service panic or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the readbuf and...