3816 matches found
Poppler: Arbitrary Code Execution
Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact Processing a specially crafted PDF file or JBIG2 image could lead to a crash ...
GNU Gzip, XZ Utils: Arbitrary file write
Background GNU Gzip is a popular data compression program. XZ Utils is free general-purpose data compression software with a high compression ratio. Description GNU Gzip and XZ Utils' grep helpers do not sufficiently validate certain multi-line file names. Impact In some cases, writing to arbitra...
Nokogiri: Multiple Vulnerabilities
Background Nokogiri is an HTML, XML, SAX, and Reader parser. Description Multiple vulnerabilities have been discovered in Nokogiri. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
mdbtools: Multiple Vulnerabilities
Background mdbtools is a set of libraries and utilities for reading Microsoft Access database MDB files. Description Multiple vulnerabilities have been discovered in mdbtools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
3MF Consortium lib3mf: Remote code execution
Background lib3mf is an implementation of the 3D Manufacturing Format file standard. Description Incorrect memory handling within lib3mf could result in a use-after-free. Impact An attacker that can provide malicious input to an application using 3MF Consortium's lib3mf could achieve remote code...
ICU: Multiple vulnerabilities
Background ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in ICU. Please review the upstream bugs referenced below for details. Impact Remote attackers...
PowerDNS: information disclosure
Background The PowerDNS nameserver is an authoritative-only nameserver which uses a flexible backend architecture. Description It was discovered that PowerDNS did not properly handle certain unknown records. Impact An authorized attacker with the ability to insert crafted records into a zone migh...
libuv: Buffer overflow
Background libuv is a multi-platform support library with a focus on asynchronous I/O. Description libuv used an incorrect buffer size for paths, causing a buffer overflow. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cause a Denial of...
GNU GLOBAL: Arbitrary code execution
Background GNU GLOBAL is a source code tagging system that works the same way across diverse environments, such as Emacs editor, Vi editor, Less viewer, Bash shell, various web browsers, etc. Description A vulnerability was found in an undocumented function of gozilla. Impact A remote attacker...
cURL: Multiple vulnerabilities
Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
cURL: Multiple vulnerabilities
Background A command line tool and library for transferring data with URLs. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause a Denial of Service condition, disclose sensitive...
GIMPS: Root privilege escalation
Background GIMPS, the Great Internet Mersenne Prime Search, is a software capable of find Mersenne Primes, which are used in cryptography. GIMPS is also used for hardware testing. Description It was discovered that Gentoo’s default GIMPS installation suffered from a privilege escalation...
GPL Ghostscript: Multiple vulnerabilities
Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript and the bundled OpenJPEG. Please review the CVE identifiers and GLSA-201612-26 OpenJPEG referenced below for additional information. Note:...
Opus: User-assisted execution of arbitrary code
Background Opus is a totally open, royalty-free, highly versatile audio codec. Description A large NLSF values could cause the stabilization code in silk/NLSFstabilize.c to wrap-around and have the last value in NLSFQ15 to be negative, close to -32768. Under normal circumstances, the code will...
xdelta: User-assisted execution of arbitrary code
Background Xdelta is a C library and command-line tool for delta compression using VCDIFF/RFC 3284 streams. Description A buffer overflow can be triggered within xdelta when ran against a malicious input file. Impact A remote attacker could coerce the victim to run xdelta against a malicious inpu...
UnZip: Multiple vulnerabilities
Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities were found in UnZip. Please review the referenced CVE’s for additional information. Impact Remote attackers could execute arbitrary code or cause Denial of Service...
Linux-PAM: Multiple vulnerabilities
Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in Linux-PAM. Please...
GIMP: Multiple vulnerabilities
Background GIMP is a cross-platform image editor available for GNU/Linux, OS X, Windows and more operating systems. Description GIMP’s network server, scriptfu, is vulnerable to the remote execution of arbitrary code via the python-fu-eval command due to not requiring authentication. Additionally...
GRUB: Authentication bypass
Background GNU GRUB is a multiboot boot loader used by most Linux systems. Description An integer underflow in GRUB’s username/password authentication code has been discovered. Impact An attacker with access to the system console may bypass the username prompt by entering a sequence of backspace...
Django: Multiple vulnerabilities
Background Django is a Python-based web framework. Description Multiple vulnerabilities have been found in Django: Session backends create a new record anytime request.session was accessed CVE-2015-5143 Built-in validators in Django do not properly sanitize input CVE-2015-5144 URL validation...
QEMU: Arbitrary code execution
Background QEMU is a generic and open source machine emulator and virtualizer. Description Heap-based buffer overflow has been found in QEMU’s PCNET controller. Impact A remote attacker could execute arbitrary code via a specially crafted packets. Workaround There is no known workaround at this...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the...
International Components for Unicode: Multiple vulnerabilities
Background International Components for Unicode is a set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. Description Multiple vulnerabilities have been discovered in International Components for Unicode. Please review the CVE identifiers referenc...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
FLAC: User-assisted execution of arbitrary code
Background The Free Lossless Audio Codec FLAC library is the reference implementation of the FLAC audio file format. Description A stack-based buffer overflow flaw has been discovered in FLAC. Impact A remote attacker could entice a user to open a specially crafted .flac file using an application...
GNUstep Base library: Denial of service
Background GNUstep Base library is a free software package implementing the API of the OpenStep Foundation Kit tm, including later additions. Description GNUstep Base library does not properly handle the file descriptor for logging, when run as a daemon. Impact A remote attacker could send a...
AMD64 x86 emulation base libraries: Multiple vulnerabilities
Background AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries. Description Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to...
Konqueror: Multiple vulnerabilities
Background Konqueror is the KDE web browser and file manager. Description Multiple vulnerabilities have been discovered in Konqueror. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site using Konqueror,...
Ettercap: Multiple vulnerabilities
Background Ettercap is a suite of tools for content filtering, sniffing and man in the middle attacks on a LAN. Description Multiple vulnerabilities have been discovered in Ettercap: Ettercap does not handle temporary files securely CVE-2010-3843. A format string flaw in Ettercap could cause a...
Xpdf: User-assisted execution of arbitrary code
Background Xpdf is an X viewer for PDF files. Description Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could execute arbitrary code or cause a Denial of Service condition. Workaround Ther...
GNU libmicrohttpd: Multiple vulnerabilities
Background GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Description Multiple vulnerabilities have been discovered in GNU libmicrohttpd. Please review the CVE identifiers referenced below for details. Impact A remote...
NVIDIA Drivers: Privilege Escalation
Background The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards. Description The vulnerability is caused due to the driver allowing unprivileged user-mode software to access the GPU. Impact A local attacker could gain escalated privileges. Workaround There is no known workarou...
Perl Digest-Base module: Arbitrary code execution
Background Digest-Base is a set of Perl modules that calculate message digests Description The vulnerability is caused due to the “Digest-new” function not properly sanitising input before using it in an “eval” call. Impact The vulnerability might allow an attacker to execute arbitrary code...
BIND: Denial of service
Background BIND is the Berkeley Internet Name Domain Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition. Workaround There is no known...
Horde: Multiple vulnerabilities
Background Horde is a web application framework written in PHP. Horde IMP, the "Internet Messaging Program", is a Webmail module and Horde Passwd is a password changing module for Horde. Description Multiple vulnerabilities have been discovered in Horde: Gunnar Wrobel reported an input sanitation...
PulseAudio: Local privilege escalation
Background PulseAudio is a network-enabled sound server with an advanced plug-in system. Description Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that the pulseaudio binary is installed setuid root, and does not drop privileges before re-executing itself. The vulnerabili...
APR Utility Library: Multiple vulnerabilities
Background The Apache Portable Runtime Utility Library aka apr-util provides an interface to functionality such as XML parsing, string matching and databases connections. Description Multiple vulnerabilities have been discovered in the APR Utility Library: Matthew Palmer reported a heap-based...
ModSecurity: Denial of service
Background ModSecurity is a popular web application firewall for the Apache HTTP server. Description Multiple vulnerabilities were discovered in ModSecurity: Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header name...
phpMyAdmin: Multiple vulnerabilities
Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been reported in phpMyAdmin: Greg Ose discovered that the setup script does not sanitize input properly, leading to the injection of arbitrary PHP code into the configuration file...
Squid: Multiple Denial of Service vulnerabilities
Background Squid is a full-featured web proxy cache. Description The arrayShrink function in lib/Array.c can cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239 CVE-2008-1612. An invalid version number in a HTTP...
MySQL: Multiple vulnerabilities
Background MySQL is a popular multi-threaded, multi-user SQL server. Description Multiple vulnerabilities have been reported in MySQL: Mattias Jonsson reported that a "RENAME TABLE" command against a table with explicit "DATA DIRECTORY" and "INDEX DIRECTORY" options would overwrite the file to...
CUPS: Multiple vulnerabilities
Background CUPS provides a portable printing layer for UNIX-based operating systems. The alternate pdftops filter is a CUPS filter used to convert PDF files to the Postscript format via Poppler; the filter is installed by default in Gentoo Linux. Description Wei Wang McAfee AVERT Research...
TikiWiki: Multiple vulnerabilities
Background TikiWiki is an open source content management system written in PHP. Description Stefan Esser reported that a previous vulnerability CVE-2007-5423, GLSA 200710-21 was not properly fixed in TikiWiki 1.9.8.1 CVE-2007-5682. The TikiWiki development team also added several checks to avoid...
F-PROT Antivirus: Multiple vulnerabilities
Background F-Prot Antivirus is a FRISK Software antivirus program that can used with procmail. Description F-Prot Antivirus version 4.6.7 fixes a heap-based buffer overflow, an infinite loop, and other unspecified vulnerabilities. Impact Among other weaker impacts, a remote attacker could send an...
AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. The x86 emulation base libraries for AMD64 contain a vulnerable version of OpenSSL. Description Tavis Ormandy and Will Drewry, both of the Google...
Ruby on Rails: Several vulnerabilities
Background Ruby on Rails is an open-source web framework. Description The Ruby on Rails developers have corrected some weaknesses in actioncontroller/, relative to the handling of the user input and the LOADPATH variable. A remote attacker could inject arbitrary entries into the LOADPATH variable...
CherryPy: Directory traversal vulnerability
Background CherryPy is a Python-based, object-oriented web development framework. Description Ivo van der Wijk discovered that the "staticfilter" component of CherryPy fails to sanitize input correctly. Impact An attacker could exploit this flaw to obtain arbitrary files from the web server...
Wine: Windows Metafile SETABORTPROC vulnerability
Background Wine is a free implementation of Windows APIs for Unix-like systems. Description H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile WMF files. Impact An attacker could entice a user to open a specially crafted Windows...
GNUMP3d: Directory traversal and XSS vulnerabilities
Background GNUMP3d is a streaming server for MP3s, OGG vorbis files, movies and other media formats. Description Steve Kemp reported about two cross-site scripting attacks that are related to the handling of files CVE-2005-3424, CVE-2005-3425. Also reported is a directory traversal vulnerability...
Berkeley MPEG Tools: Multiple insecure temporary files
Background The Berkeley MPEG Tools are a collection of utilities for manipulating MPEG video technology, including an encoder mpegencode and various conversion utilities. Description Mike Frysinger of the Gentoo Security Team discovered that mpegencode and the conversion utilities were creating...