foomatic-filters: User-assisted execution of arbitrary code

Background The foomatic-filters package contains wrapper scripts which are designed to be used with Foomatic. Description The foomatic-rip filter improperly handles command-line arguments, including those issued by FoomaticRIPCommandLine fields in PPD files. Impact A remote attacker could entice ...

CVE-2011-3031

Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Design/Logic Flaw

Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2011-3031

Removed by vendor...

Google Chrome < 17.0.963.65 Multiple Vulnerabilities

Binary data 6341.pasl...

FreeBSD Ports: kdelibs

The remote host is missing an update to the system as announced in the referenced advisory. VID 6d21a287-fce0-11e0-a828-00235a5f2c9a OpenVAS Vulnerability Test $ Description: Auto generated from VID 6d21a287-fce0-11e0-a828-00235a5f2c9a Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian Security Advisory DSA 2364-1 (xorg)

The remote host is missing an update to xorg announced via advisory DSA 2364-1. OpenVAS Vulnerability Test $Id: deb23641.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2364-1 xorg Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2364-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php security update

CentOS Errata and Security Advisory CESA-2012:0033 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

php: DoS when using HTTP proxy with the FTP wrapper

Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service application crash by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper...

DSA-2364-1 xorg - incorrect permission check

Bulletin has no description...

CVE-2011-4613

The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...

CVE-2011-3365

The KDE SSL Wrapper KSSL API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

Design/Logic Flaw

The KDE SSL Wrapper KSSL API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

CVE-2011-3365

CVE-2011-3365 affects KDE Libraries (KDE SC) where the KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0–4.7.1 (and possibly earlier) renders certificate fields in a security dialog using the wrong font, allowing remote attackers to spoof the certificate's common name (CN) via rich text. Connected advis...

CVE-2011-3365

The KDE SSL Wrapper KSSL API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

CVE-2011-3365

Removed by vendor...

[SECURITY] [DSA 2335-1] man2html security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2335-1 [email protected] http://www.debian.org/security/ Nico Golde November 5th, 2011 http://www.debian.org/security/faq -...

Debian DSA-2335-1 : man2html - missing input sanitization

Tim Starling discovered that the Debian-native CGI wrapper for man2html, a program to convert UNIX man pages to HTML, is not properly escaping user-supplied input when displaying various error messages. A remote attacker can exploit this flaw to conduct cross-site scripting XSS attacks...

[SECURITY] [DSA 2335-1] man2html security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2335-1 [email protected] http://www.debian.org/security/ Nico Golde November 5th, 2011 http://www.debian.org/security/faq -...