EUVD-2013-5487

Malware in sbrugna...

Mageia: Security Advisory (MGASA-2013-0268)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : libdigidoc-3.9.1.1191-1.fc21 (2014-14892)

New upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

[SECURITY] Fedora 21 Update: libdigidoc-3.9.1.1191-1.fc21

libDigiDoc is a library implementing a subset of the XAdES digital signature standard on top of Estonian specific .ddoc container format. It allows to create, sign, verify, and modify digidoc XML containers...

[ MDVSA-2013:225 ] libdigidoc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:225 http://www.mandriva.com/en/support/security/ Package : libdigidoc Date : September 2, 2013 Affected: Business Server 1.0 Problem Description: Updated libdigidoc packages fix security vulnerability: Fixed...

libdigidoc unauthorized access

It's possible to overwrite any file...

Mandriva Linux Security Advisory : libdigidoc (MDVSA-2013:225)

Updated libdigidoc packages fix security vulnerability : Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the vict...

MGASA-2013-0268 Updated libdigidoc packages fix CVE-2013-5648

Updated libdigidoc packages fix security vulnerability: Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially-crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the victi...

Updated libdigidoc packages fix CVE-2013-5648

Updated libdigidoc packages fix security vulnerability: Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially-crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the victi...

Path traversal

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / slash or \ backslash in a DDOC file...

CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / slash or \ backslash in a DDOC file...

CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / slash or \ backslash in a DDOC file...

CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / slash or \ backslash in a DDOC file...

CVE-2013-5648

Affected software: libdigidoc (library) 3.6.0.0 used by ID-software before 3.7.2; component: DigiDocSAXParser.c (handleStartDataFile); vulnerability type: absolute path traversal. Root cause: unvalidated filename beginning with / or \ in a DDOC file allows remote attackers to overwrite arbitrary ...