[SECURITY] Fedora 8 Update: qemu-0.9.0-6.fc8

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Debian Security Advisory DSA 872-1 (koffice)

The remote host is missing an update to koffice announced via advisory DSA 872-1. Chris Evans discovered a buffer overflow in the RTF importer of kword, a word processor for the KDE Office Suite that can lead to the execution of arbitrary code. The old stable distribution woody does not contain a...

Linux kernel multiple security vulnrabilities

unask is not correctly applied on CIFS filesystem, DoS via hugetlbvmtruncatelist and hugetlbvmtruncate, IA32 emulation subsystem processor registors access, ieee80211rx integer overflow, Philips USB Webcam driver DoS, waittaskstopped DoS...

Lotus Notes buffer overflow in the Lotus WorkSheet file processor

Advisory ID Internal CORE-2007-0821 Advisory Information Title: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Advisory ID: CORE-2007-0821 Date published: 2007-11-27 Date of last update: 2007-11-27 Vendors contacted: IBM Corp. Release mode: COORDINATED RELEASE Vulnerability...

Ubuntu 6.06 LTS / 6.10 : evince-gtk vulnerability (USN-390-3)

USN-390-2 fixed vulnerabilities in evince. This update provides the corresponding update for evince-gtk. A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrar...

Ubuntu 5.10 / 6.06 LTS / 6.10 : evince vulnerability (USN-390-1)

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding...

Code injection

Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager ELOM on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor SP via unspecified vectors, a different vulnerability than CVE-2007-5170...

CVE-2007-5717

Technical details for CVE-2007-5717 are not publicly available in the provided documents. The materials mention an unspecified remote code execution in Sun Fire X2100/X2200 ELOM but do not specify affected versions, vectors, or fixes. Monitor for updates.

CVE-2007-5717

Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager ELOM on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor SP via unspecified vectors, a different vulnerability than CVE-2007-5170...

[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.24

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

Snort Back Orifice Pre-Processor buffer overflow

Added: 08/28/2007 CVE: CVE-2005-3252 BID: 15131 OSVDB: 20034 Background Back Orifice is a remote system administration program for Windows. It is commonly installed by attackers or Trojan Horse programs for use as a backdoor. Snort is an open-source intrusion detection system. It includes a Back...

CVE-2007-4144

Cross-site scripting XSS vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject arbitrary web script or HTML via the basepath parameter, possibly related to 1 formprocessorpro.php ...

Cross site scripting

Cross-site scripting XSS vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject arbitrary web script or HTML via the basepath parameter, possibly related to 1 formprocessorpro.php ...

CVE-2007-4144

Cross-site scripting XSS vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject arbitrary web script or HTML via the basepath parameter, possibly related to 1 formprocessorpro.php ...

CVE-2007-4144

CVE-2007-4144 affects MitriDAT eMail Form Processor Pro, specifically the sample-forms/simple-contact-form-with-preview.html page. The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML through the base_path parameter, with possi...

Mitridat Form Processor Pro XSS

Greetings, I have discovered cross-site scripting vulnerability in Mitridat's Form Processor Pro. http://www.mitridat.com/ http://www.mitridat.com/products-form-processor-pro.html Form Mail: Email Form Processor Pro™ - process all forms on your website Form Mail: Email Form Processor Pro is the...

Command Injection in XML Digital Signatures

iSEC Partners Security Advisory - 12 Jul 2007 XML Digital Signature Command Injection http://www.isecpartners.com -------------------------------------------- XML Digital Signature Command Injection Vulnerability Vendor: Sun Microsystems, Inc. Vendor URL: http://sun.com Versions affected: JSR 105...

CVE-2006-7215

The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access A bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certai...

CVE-2006-7215

CVE-2006-7215 affects Intel Core 2 Extreme X6800 and Core 2 Duo E6000/E4000 processors. The issue is that memory page Access (A) bit is incorrectly set for a page in certain circumstances when the code segment limit is near the end of a code page. The impact is unclear and described as unknown; a...

iDefense Security Advisory 06.07.07: Linux Kernel cpuset tasks Information Disclosure Vulnerability

Linux Kernel cpuset tasks Information Disclosure Vulnerability iDefense Security Advisory 06.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 07, 2007 I. BACKGROUND Linux is a clone of the UNIX operating system, written from scratch by Linus Torvalds with assistance from a...