12 matches found
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download Exploit
There is a directory traversal issue in attachment downloads in Gmail. For non-gmail accounts, there is no path sanitization on the attachment filename in the email, so when attachments are downloaded, a file with any name and any contents can be written to anywhere on the filesystem that the Gma...
Design/Logic Flaw
An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the "id" and "cid" parameter to specify the current user by its user- and context-ID...
CVE-2015-8542
An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the "id" and "cid" parameter to specify the current user by its user- and context-ID...
The vulnerability of the Red Hat Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the slrn-0.9.6.4 package of the Red Hat Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
Debian DSA-3083-1 : mutt - security update
A flaw was discovered in mutt, a text-based mailreader. A specially crafted mail header could cause mutt to crash, leading to a denial of service condition. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Mandrake Linux Security Advisory : pine (MDKSA-2000:073-1)
By adding specific headers to messages, the pine mail reader could be made to exit with an error message when users attempted to manipulate mail folders containing those messages. Update : The previous announcement did not make mention of another vulnerability in pine 4.21 and previous in that it...
Heap overflow when canceling newsgroup message — Mozilla
Georgi Guninski reported a buffer overflow in the handling of cancelled newsgroup messages. The error was caused by too small a heap buffer being allocated to store message header information. This buffer could be overrun by an attacker using a specially crafted message which could crash the mail...
DSA-1108 mutt - buffer overflow
Bulletin has no description...
Mozilla Suite: Multiple vulnerabilities
Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact A remote attacker could craft malicious web pages or emails that would leverage...
DSA-710-1 gtkhtml - null pointer dereference
Bulletin has no description...
Important: Red Hat Security Advisory: : Updated gdk-pixbuf packages fix denial of service vulnerability
Updated gdk-pixbuf packages that fix a denial of service vulnerability that could affect applications such as Evolution are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. In Red Hat Linux 9 this library is used by applications,...
DSA-300 balsa - buffer overflow
Bulletin has no description...