Command Injection in XML Digital Signatures

iSEC Partners Security Advisory - 12 Jul 2007 XML Digital Signature Command Injection http://www.isecpartners.com -------------------------------------------- XML Digital Signature Command Injection Vulnerability Vendor: Sun Microsystems, Inc. Vendor URL: http://sun.com Versions affected: JSR 105...

CVE-2006-7215

The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access A bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certai...

CVE-2006-7215

CVE-2006-7215 affects Intel Core 2 Extreme X6800 and Core 2 Duo E6000/E4000 processors. The issue is that memory page Access (A) bit is incorrectly set for a page in certain circumstances when the code segment limit is near the end of a code page. The impact is unclear and described as unknown; a...

iDefense Security Advisory 06.07.07: Linux Kernel cpuset tasks Information Disclosure Vulnerability

Linux Kernel cpuset tasks Information Disclosure Vulnerability iDefense Security Advisory 06.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 07, 2007 I. BACKGROUND Linux is a clone of the UNIX operating system, written from scratch by Linus Torvalds with assistance from a...

DSA-1284-1 qemu

Bulletin has no description...

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

Sun Solaris TCP/IP内核内存破坏拒绝服务漏洞

Sun Solaris是一款商业性质的操作系统。 使用CMT处理器的Sun Solaris系统在处理超多的快速打开/关闭TCP连接的TCP/IP负载时存在竞争条件问题，远程攻击者可以利用漏洞对系统进行拒绝服务攻击。 目前没有详细漏洞细节提供。 Sun Solaris 10.0 x86 Sun Solaris 10.0 补丁下载： Sun Solaris 10.0 Sun 125100-02 http://sunsolve.sun.com/private-cgi/pdownload.pl?target=125100-02&meth od=h Sun Solaris 10.0 x86 Sun...

[SECURITY] Fedora Core 5 Update: openoffice.org-2.0.2-5.21.2

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

security flaw

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

Code injection

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table IDT entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more...

CVE-2007-1194

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table IDT entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more...

CVE-2007-1194

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table IDT entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more...

CentOS 3 / 4 : openoffice.org (CESA-2007:0001)

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager,...

RHEL 3 / 4 : openoffice.org (RHSA-2007:0001)

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager,...

USN-379-1: texinfo vulnerability

Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges...

ingo1 mail processor shell characters problem

Insufficient shell characters filtering during procmail rules creation allows code execution...

CentOS 4 : perl (CESA-2005:880)

Updated Perl packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilitie...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager,...

CentOS 3 : perl (CESA-2005:881)

Updated Perl packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilitie...

HP OpenView OmniBack directory traversal

Added: 06/06/2006 CVE: CVE-2001-0311 BID: 11032 OSVDB: 6018 Background HP OpenView is a suite of tools for managing networks. The OmniBack component provides backup and restoration capabilities. Problem A directory traversal vulnerability in the OmniBack service allows a remote attacker to run a...