EUVD-2008-1927

Malware in sbrugna...

RHEL 5 : gdm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gdm: logs user passwors that contain invalid UTF8-encoded characters, in debug mode CVE-2010-2387 Note that Nessus...

Freeze Bridge via Non-UTF8 Token Name/Symbol/Denom

Handle nascent Vulnerability details Manual insertion of non-utf8 characters in a token name will break parsing of logs and will always result in the oracle getting in a loop of failing and early returning an error. The fix is non-trivial and likely requires significant redesign. Proof of Concept...

Design/Logic Flaw

vicious-extensions/ve-misc.c in GNOME Display Manager gdm 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs...

Mandriva Update for perl MDVSA-2008:100 (perl)

Check for the Version of perl OpenVAS Vulnerability Test Mandriva Update for perl MDVSA-2008:100 perl Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Ubuntu: Security Advisory (USN-700-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-700-1: Perl vulnerabilities

Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. CVE-2007-4829 Tavis Ormandy and Will...

CVE-2008-1927

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

CVE-2008-1927

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

CVE-2008-1927

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

Double free

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

CVE-2008-1927

CVE-2008-1927 : A double-free in Perl 5.8.8’s regular expression engine with Unicode/UTF-8 patterns can cause memory corruption and crash (denial of service). Affected advisories reference patching Perl (e.g., MiracleLinux AXSA-2008-74:01) and rely on updated Perl packages; remediation is via ven...

CVE-2008-1927

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

CVE-2008-1927

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

Java Web Start tempbuff Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...

Important: Red Hat Security Advisory: qt security update

Updated qt packages that correct two security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications for t...