poppler security update
CentOS Errata and Security Advisory CESA-2007:0732 Updated poppler packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering...
RHEL 5 : poppler (RHSA-2007:0732)
Updated poppler packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as evince. Maury...
Important: Red Hat Security Advisory: poppler security update
Updated poppler packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a PDF rendering library, used by applications such as evince. Maury...
[SECURITY] Fedora 7 Update: epiphany-2.18.3-2.fc7
epiphany is a simple GNOME web browser based on the Mozilla rendering engine...
Opera/Konqueror: data: URL scheme address bar spoofing
With a specially crafted web page, an attacker can redirect a web browser to a page whose URL in the address bar resembles an arbitrary domain chosen by the attacker. This is possible because some web browsers incorrectly display the contents of the URL bar while rendering pages based on t...
Apple WebKit frame rendering memory corruption vulnerability
Overview: Apple WebKit contains a memory corruption vulnerability. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description: According to Apple: WebKit is the open source core of Apple's Safari web browser. It is available as a framework in Mac OS X...
[SECURITY] Fedora Core 6 Update: freetype-2.2.1-17.fc6
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manage font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
[SECURITY] Fedora 7 Update: freetype-2.3.4-3.fc7
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manage font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
[SECURITY] Fedora 7 Update: epiphany-2.18.1-3.fc7
epiphany is a simple GNOME web browser based on the Mozilla rendering engine...
[SECURITY] Fedora Core 5 Update: epiphany-2.14.3-6.fc5
epiphany is a simple GNOME web browser based on the Mozilla rendering engine...
[SECURITY] Fedora Core 6 Update: epiphany-2.16.3-5.fc6
epiphany is a simple GNOME web browser based on the Mozilla rendering engine...
UebiMiau 2.7.10 - demopop3error.php?selected_theme Cross-Site Scripting
UebiMiau 2.7.10 - demopop3error.php?selected_theme Cross-Site Scripting. Source: https://www.securityfocus.com/bid/24210/info Uebimiau is prone to multiple input-validation vulnerabilities, including cross-site scripting issues and an information-disclosure issue, because the application fails to...
SunShop Shopping Cart 4.0 - index.php?l Cross-Site Scripting
SunShop Shopping Cart 4.0 - index.php?l Cross-Site Scripting source: https://www.securityfocus.com/bid/23856/info TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may...
FreeType: User-assisted execution of arbitrary code
Background FreeType is a True Type Font rendering library. Description Greg MacManus of iDefense Labs has discovered an integer overflow in the function bdfReadCharacters when parsing BDF fonts. Impact A remote attacker could entice a user to use a specially crafted BDF font, possibly resulting i...
DeskPro 2.0.1 - 'login.php' HTML Injection
source: https://www.securityfocus.com/bid/23381/info DeskPRO is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing...
QuizShock 1.6.1 - 'auth.php' HTML Injection
source: https://www.securityfocus.com/bid/23368/info QuizShock is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowi...
CVE-2006-5586
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."...
CVE-2006-5586
CVE-2006-5586 is a GDI-based local privilege-elevation vulnerability in the Graphics Rendering Engine of Microsoft Windows 2000 SP4 and Windows XP SP2 (and related Windows variants). The flaw stems from processing invalid application window sizes when rendering layered windows, allowing a logged-...
CVE-2006-5586
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."...
Microsoft Windows Graphics Rendering Engine GDI Local Privilege Escalation Vulnerability
Description: Microsoft Windows Graphics Rendering Engine is prone to a local privilege-escalation vulnerability. Successful exploits may result in a complete compromise of affected computers. Technologies Affected: Avaya Customer Interaction Express CIE Server 1.0 Avaya Customer Interaction Express C...