PT-2010-2098 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32.8 Description: The issue is related to the load elf binary function in the Linux kernel, which does not ensure the availability of the ELF interpreter before calling the SET PERSONALITY macro. This allows...

BlackBerry Application Web Loader ActiveX Control Buffer Overflow (CVE-2009-0305)

The BlackBerry Application Web Loader allows to download the BlackBerry applications from a web server using a browser supporting ActiveX controls onto a handheld device. It makes deployment of new applications and updates easier for developers. A user can load the application to their BlackBerry...

libtool: libltdl may load and execute code from a library in the current directory

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file...

DEBIAN-CVE-2009-3909

Integer overflow in the readchanneldata function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow...

CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

Design/Logic Flaw

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:0829)

Updated java-1.5.0-ibm packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2...

PT-2009-2346 · Zen Cart · Zen Cart

Name of the Vulnerable Software and Affected Versions: Zen Cart versions 1.3.8 through 1.3.8a Description: A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files via a .. dot dot in the loader file parameter in admin/includes/initsystem.php when...

openSUSE Security Update : libQtWebKit-devel (libQtWebKit-devel-216)

A flaw in the CSS loader of the WebKit engine could crash programs and potentially allows execution of arbitrary code CVE-2008-3632. This update also fixes unrelated problems with printing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit

No description provided by source. / pecoffpanic.c by Shaun Colley, 20 July 2009 this code will panic the freebsd kernel due to a bug in the PECOFF executable loader code 'options PECOFFSUPPORT' in kernel config or kldload pecoff panic9 is in vmfault due to a page fault. the panic seems to be...

openSUSE Security Update : WebKitGtk (WebKitGtk-212)

A flaw in the CSS loader of the WebKit engine could crash programs and potentially allows execution of arbitrary code CVE-2008-3632. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

FreeBSD 7.2 - pecoff Local Denial of Service

FreeBSD 7.2 - pecoff Local Denial of Service / pecoffpanic.c by Shaun Colley, 20 July 2009 this code will panic the freebsd kernel due to a bug in the PECOFF executable loader code 'options PECOFFSUPPORT' in kernel config or kldload pecoff panic9 is in vmfault due to a page fault. the panic seems...

FreeBSD 7.2 - 'pecoff' Local Denial of Service

/ pecoffpanic.c by Shaun Colley, 20 July 2009 this code will panic the freebsd kernel due to a bug in the PECOFF executable loader code 'options PECOFFSUPPORT' in kernel config or kldload pecoff panic9 is in vmfault due to a page fault. the panic seems to be caused in genericbcopy...probably...

Mandrake Linux Security Advisory : imlib2 (MDKSA-2007:156)

M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...

Mandriva Linux Security Advisory : imlib2 (MDVSA-2009:019)

A vulnerability have been discovered in the load function of the XPM loader for imlib2, which allows attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted XPM file CVE-2008-5187. The updated packages have been patched to prevent this. %NASLMINLEVEL 70300 C...

Mandriva Update for gimp MDKSA-2007:108 (gimp)

Check for the Version of gimp OpenVAS Vulnerability Test Mandriva Update for gimp MDKSA-2007:108 gimp Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for gimp MDKSA-2007:170 (gimp)

Check for the Version of gimp OpenVAS Vulnerability Test Mandriva Update for gimp MDKSA-2007:170 gimp Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Ubuntu Update for tetex-bin vulnerability USN-410-2

Ubuntu Update for Linux kernel vulnerabilities USN-410-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN4102.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for tetex-bin vulnerability USN-410-2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for xine-lib vulnerability USN-435-1

Ubuntu Update for Linux kernel vulnerabilities USN-435-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4351.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for xine-lib vulnerability USN-435-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...