3816 matches found
WebP: User-assisted execution of arbitrary code
Background WebP is a lossy image compression format. Description An integer overflow flaw has been found in WebP. Impact A remote attacker could entice a user to open a specially crafted image in an application linked against WebP, possibly resulting in execution of arbitrary code with the...
BusyBox: Multiple vulnerabilities
Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DHCP reques...
bzip2: User-assisted execution of arbitrary code
Background bzip2 is a high-quality data compressor used extensively by Gentoo Linux. Description An integer overflow vulnerability has been discovered in bzip2. Please review the CVE identifier referenced below for details. Impact A remote attacker could entice a user to open a specially crafted...
LibreOffice: Multiple vulnerabilities
Background LibreOffice is a full office productivity suite. Description Multiple vulnerabilities have been found in LibreOffice: The Microsoft Word Document parser contains an out-of-bounds read error CVE-2011-2713. The Raptor RDF parser contains an XML External Entity expansion error...
GNU Tar: User-assisted execution of arbitrary code
Background GNU Tar is a utility to create archives as well as add and extract files from archives. Description GNU Tar is vulnerable to a boundary error in the rmtread function in lib/rtapelib.c, which could cause a heap-based buffer overflow. Impact A remote attacker could entice the user to loa...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been reported in Asterisk: Nick Baggott reported that Asterisk does not properly process overly long ASCII strings in various packets CVE-2009-2726. Noam Rathaus and Blake Cornell reporte...
pdnsd: Denial of Service and cache poisoning
Background pdnsd is a proxy DNS server with permanent caching that is designed to cope with unreachable DNS servers. Description Two issues have been reported in pdnsd: The pexecquery function in src/dnsquery.c does not properly handle many entries in the answer section of a DNS reply, related to...
MySQL: Privilege bypass
Background MySQL is a popular multi-threaded, multi-user SQL server. Description Sergei Golubchik reported that MySQL imposes no restrictions on the specification of "DATA DIRECTORY" or "INDEX DIRECTORY" in SQL "CREATE TABLE" statements. Impact An authenticated remote attacker could create MyISAM...
libxslt: Execution of arbitrary code
Background Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is an XML language to define transformations for XML. Description Anthony de Almeida Lopes reported a vulnerability in libxslt when handling XSL style-sheet files, which could be exploited to trigger the use of...
VLC: User-assisted execution of arbitrary code
Background VLC is a cross-platform media player and streaming server. Description Multiple vulnerabilities were found in VLC: Luigi Auriemma discovered that the stack-based buffer overflow when reading subtitles, which has been reported as CVE-2007-6681 in GLSA 200803-13, was not properly fixed...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Michal Zalewski reported two vulnerabilities, memory corruption when adding news feed sources from a website CVE-2008-1761 as well as when processing HTML CANVAS elements to use scaled images CVE-2008-1762...
xine-lib: User-assisted execution of arbitrary code
Background xine-lib is the core library package for the xine media player. Description Damian Frizza and Alfredo Ortega Core Security Technologies discovered a stack-based buffer overflow within the openflacfile function in the file demuxflac.c when parsing tags within a FLAC file CVE-2008-0486. ...
teTeX: Multiple buffer overflows
Background teTeX is a complete TeX distribution for editing documents. Description Mark Richters discovered a buffer overflow in the opensty function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable CVE-2007-0650. Tetex also includes...
OpenOffice.org: Two buffer overflows
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing th...
PhpWiki: Remote execution of arbitrary code
Background PhpWiki is an open source content management system written in PHP. Description Harold Hallikainen has reported that the Upload page fails to properly check the extension of a file. Impact A remote attacker could upload a specially crafted PHP file to the vulnerable server, resulting i...
Apache mod_perl: Denial of service
Background Modperl is an Apache module that embeds the Perl interpreter within the server, allowing Perl-based web-applications to be created. Description Alex Solvey discovered that the "pathinfo" variable used in file RegistryCooker.pm modperl 2.x or file PerlRun.pm modperl 1.x, is not properly...
WordPress: Multiple vulnerabilities
Background WordPress is a popular personal publishing platform with a web interface. Description WordPress contains cross-site scripting or cross-site scripting forgery vulnerabilities reported by: g30rg3x in the "year" parameter of the wptitle function Alexander Concha in the "demo" parameter of...
libTIFF: Multiple buffer overflows
Background libTIFF provides support for reading and manipulating TIFF images. Description A buffer overflow has been found in the t2pwritepdfstring function in tiff2pdf, which can been triggered with a TIFF file containing a DocumentName tag with UTF-8 characters. An additional buffer overflow ha...
libTIFF: Multiple vulnerabilities
Background libTIFF provides support for reading and manipulating TIFF images. Description Multiple vulnerabilities, ranging from integer overflows and NULL pointer dereferences to double frees, were reported in libTIFF. Impact An attacker could exploit these vulnerabilities by enticing a user to...
teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code
Background teTex is a complete TeX distribution. It is used for creating and manipulating LaTeX documents. CSTeX is a TeX distribution with Czech and Slovak support. pTeX is and ASCII publishing TeX distribution. Description CSTeX, teTex, and pTeX include XPdf code to handle PDF files. This XPdf...
Sun and Blackdown Java: Applet privilege escalation
Background Sun and Blackdown both provide implementations of the Java Development Kit JDK and Java Runtime Environment JRE. Description Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Impact...
OpenSSL: SSL 2.0 protocol rollback
Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Description Applications setting the SSLOPMSIESSLV2RSAPADDING option or the SSLOPALL option, that implies it can be forced by a third-party to...
Ethereal: Multiple vulnerabilities
Background Ethereal is a feature rich network protocol analyzer. Description There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.10, including: The Etheric, 3GPP2 A11 and IAPP dissectors are vulnerable to buffer overflows CAN-2005-0704, CAN-2005-0699 and CAN-2005-0739. Th...
tiff: Buffer overflows in image decoding
Background The tiff library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE, to help in displaying TIFF images. xv is a multi-format image manipulation utility that is statically linked to the tiff library...
cdrtools: Local root vulnerability in cdrecord if set SUID root
Background The cdrtools package is a set of tools for CD recording, including the popular cdrecord command-line utility. Description Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By default,...
MIT krb5: Multiple vulnerabilities
Background MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description The implementation of the Key Distribution Center KDC and the MIT krb5 library contain double-free vulnerabilities, making client programs as we...
courier-imap: Remote Format String Vulnerability
Background Courier-IMAP is an IMAP server which is part of the Courier mail system. It provides access only to maildirs. Description There is a format string vulnerability in the authdebug function which can be exploited remotely, potentially leading to arbitrary code execution as the user runnin...
FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
Background FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN are Open Source implementations of IPsec for the Linux operating system. They are all based on the discontinued FreeS/WAN project. Description All these IPsec implementations have several bugs in the verifyx509cert function, which...
OpenOffice.org vulnerability when using DAV servers
Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description OpenOffice.org includes code from the Neon library in functions related to publication on WebDAV...
Updated kernel packages fix the AMD64 ptrace vulnerability
Background Description A vulnerability has been discovered by Andi Kleen in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges. The Common Vulnerabilities and Exposures project, http://cve.mitre.org, has assigned...
Xpdf: Multiple Vulnerabilities
Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
Samba: Multiple Vulnerabilities
Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
containerd: Multiple Vulnerabilities
Background containerd is a daemon with an API and a command line client, to manage containers on one machine. It uses runC to run containers according to the OCI specification. Description Multiple vulnerabilities have been discovered in containerd. Please review the CVE identifiers referenced...
Ruby: Multiple vulnerabilities
Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with a HTTP server "WEBrick". Description Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details. Impact Please revi...
UnZip: Multiple Vulnerabilities
Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities have been discovered in UnZip. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Sofia-SIP: Multiple Vulnerabilities
Background Sofia-SIP is an RFC3261 compliant SIP User-Agent library. Description Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no know...
OpenEXR: Multiple Vulnerabilities
Background OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. Description Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact Please revi...
libaacplus: Denial of Service
Background libaacplus is an HE-AAC+ v2 library, based on the reference implementation. Description Multiple vulnerabilities have been discovered in libaacplus. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workarou...
Gnome Shell, gettext, libcroco: Multiple Vulnerabilities
Background GNOME Shell provides core user interface functions for the GNOME desktop, like switching to windows and launching applications. gettext contains the GNU locale utilities. libcroco is a standalone CSS2 parsing and manipulation library. Description The crparserparseanycore function in...
Nokogiri: Multiple Vulnerabilities
Background Nokogiri is an HTML, XML, SAX, and Reader parser. Description Multiple vulnerabilities have been discovered in Nokogiri. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
LibRaw: Stack buffer overread
Background LibRaw is a library for reading RAW files obtained from digital photo cameras. Description LibRaw incorrectly handles parsing DNG fields in some cases, potentially resulting in a buffer overread leading to denial of service. Impact An attacker capable of providing crafted input to LibR...
aiohttp: Open redirect vulnerability
Background aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Description A bug in aiohttp.webmiddlewares.normalizepathmiddleware creates an open redirect vulnerability. Impact An attacker use this vulnerability to craft a link that, while appearing to be a link to an...
Tcpreplay: Multiple vulnerabilities
Background Tcpreplay is a suite of utilities for UNIX systems for editing and replaying network traffic which was previously captured by tools like tcpdump and ethereal/wireshark. Description Multiple vulnerabilities have been discovered in Tcpreplay. Please review the CVE identifiers referenced...
libTIFF: Multiple vulnerabilities
Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...
Dnsmasq: Multiple vulnerabilities
Background Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server. Description Multiple vulnerabilities have been discovered in Dnsmasq. Please review the references below for details. Impact An attacker, by sending specially crafted DNS replies, could possibly execute...
libuv: Buffer overflow
Background libuv is a multi-platform support library with a focus on asynchronous I/O. Description libuv used an incorrect buffer size for paths, causing a buffer overflow. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of...
OpenJDK: Multiple vulnerabilities
Background OpenJDK is a free and open-source implementation of the Java Platform, Standard Edition. Description Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
gThumb: Arbitrary code execution
Background gThumb is an image viewer and browser for GNOME. Description A heap-based buffer overflow in gThumb’s cairoimagesurfacecreatefromjpeg function, located in extensions/cairoio/cairo-image-surface-jpeg.c was discovered. Impact A remote attacker could entice a user to open a specially...
Cyrus IMAP Server: Access restriction bypass
Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description An issue was discovered in Cyrus IMAP Server where sieve script uploading is excessively trusted. Impact A user can use a sieve script to create any mailbox with administrator privileges. Workaround...
Tor: Multiple vulnerabilities
Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor, and tor. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...