kernel: netns vs proto registration ordering

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

kernel: netns vs proto registration ordering

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

PT-2012-1535 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the tunnels implementation in the Linux kernel, allowing remote attackers to cause a denial of service by sending a packet during module loading when tunnel functionality is...

Fedora Update for gdk-pixbuf2 FEDORA-2011-8672

Check for the Version of gdk-pixbuf2 OpenVAS Vulnerability Test Fedora Update for gdk-pixbuf2 FEDORA-2011-8672 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

PT-2012-1534 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the Linux kernel, specifically the ip gre module. It allows remote attackers to cause a denial of service by sending a packet during module loading, resulting in an OOPS...

XnView < 1.98.1 Insecure Executable Loading

The version of XnView installed on the remote Windows host is earlier than 1.98.1. As such, it reportedly uses unsafe methods for determining how to load executables. Specifically, there is an issue with the file search path, which could result in the insecure loading of executables when using th...

IBM DB2 - &#039;DT_RPATH&#039; Insecure Library Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/48514/info IBM DB2 is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code with root privileges. Successfully exploiting this issue will result in...

IBM DB2 - DT_RPATH Insecure Library Loading Arbitrary Code Execution

IBM DB2 - DTRPATH Insecure Library Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/48514/info IBM DB2 is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code wit...

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

[SECURITY] Fedora 15 Update: gdk-pixbuf2-2.23.3-2.fc15

gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...

xAurora 10.00 - RSRC32.dll DLL Loading Arbitrary Code Execution

xAurora 10.00 - RSRC32.dll DLL Loading Arbitrary Code Execution / source: https://www.securityfocus.com/bid/48432/info xAurora is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application...

PT-2011-10: Abritrary Files Loading in ManageEngine ServiceDesk Plus 8.0

The specialists of the Positive Research center have detected "Abritrary Files Loading" vulnerability in ManageEngine ServiceDesk Plus. Insufficient CSV file input filtering in user import script allows attackers with guest privileges account guest/guest overwrite an arbitrary file in bin folder ...

Adobe Reader < 10.1 / 9.4.5 / 8.3 Multiple Vulnerabilities (APSB11-12, APSB11-12, APSB11-16) (Mac OS X)

The version of Adobe Reader installed on the remote Mac OS X host is prior to 10.1, 9.4.5, or 8.3. It is, therefore, affected by the following vulnerabilities : - Multiple buffer overflow conditions exist that allow an attacker to execute arbitrary code. CVE-2011-2094, CVE-2011-2095, CVE-2011-209...

xAurora 10.00 - &#039;RSRC32.dll&#039; DLL Loading Arbitrary Code Execution

/ source: https://www.securityfocus.com/bid/48432/info xAurora is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a...

Adobe Reader < 10.1 / 9.4.5 / 8.3 Multiple Vulnerabilities (APSB11-16)

The version of Adobe Reader installed on the remote host is earlier than 10.1 / 9.4.5 / 8.3. Such versions are reportedly affected by multiple vulnerabilities : - Multiple buffer overflow vulnerabilities exist that could lead to code execution. CVE-2011-2094, CVE-2011-2095, CVE-2011-2097 - A heap...

Adobe Acrobat < 10.1 / 9.4.5 / 8.3 Multiple Vulnerabilities (APSB11-16)

The version of Adobe Acrobat installed on the remote host is earlier than 10.1 / 9.4.5 / 8.3. Such versions are reportedly affected by multiple vulnerabilities : - Multiple buffer overflow vulnerabilities exist that could lead to code execution. CVE-2011-2094, CVE-2011-2095, CVE-2011-2097 - A hea...

Java Web Start may insecurely load dynamic libraries

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load DLLs. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the DLL search path...

Java Web Start may insecurely load settings files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load settings files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...

Java Web Start may insecurely load policy files

Overview Java Web Start provided Oracle may use unsafe methods for determining how to load policy files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file...

JVN#09206238: Java Web Start may insecurely load settings files

Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE Java Runtime Environment Java Web Start contains an issue with the file search path, which may insecurely load settings files. Impact An attacker may execute arbitrary code with t...