Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a suite of embedded server libraries from the Irish company Cesanta, which includes functionality for TCP, HTTP clients and servers, and WenSocket clients and servers. A security vulnerability exists in Cesanta Mongoose version b316989, which stems from a null pointer...

Advanced Forensics File Format: AFF4

The Advanced Forensics File format 4 was originally designed and published in “Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow” M.I. Cohen, Simson Garfinkel and Bradley Schatz, digital investigation 6 2009...

DEBIAN-CVE-2010-1679

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package...

Directory traversal

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package...

CVE-2010-1679

CVE-2010-1679 describes a directory-traversal flaw in dpkg-source (dpkg prior to 1.14.31 and 1.15.x) where a patch for a source-format 3.0 package can be exploited to modify arbitrary files. The root cause is insufficient validation of patch-driven file paths during source-package processing, ena...

Ubuntu 9.10 / 10.04 LTS / 10.10 : dpkg vulnerability (USN-1038-1)

Jakub Wilk and Raphael Hertzog discovered that dpkg-source did not correctly handle certain paths and symlinks when unpacking source-format version 3.0 packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files...

USN-1038-1: dpkg vulnerability

Jakub Wilk and Raphael Hertzog discovered that dpkg-source did not correctly handle certain paths and symlinks when unpacking source-format version 3.0 packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files...

CVE-2010-1679

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package...