3816 matches found
X.Org Server: Multiple vulnerabilities
Background The X.Org project provides an open source implementation of the X Window System. Description Multiple vulnerabilities have been discovered in X.Org Server. Please review the referenced CVE identifiers for details. Impact A local attacker could cause a global buffer overflow or a Denial...
GNU Wget: Header injection
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description It was discovered that there was a header injection vulnerability in GNU Wget which allowed remote attackers to inject arbitrary HTTP headers via CRL...
minicom: Remote execution of arbitrary code
Background Minicom is a text-based serial port communications program. Description In minicom before version 2.7.1, the escparms buffer in vt100.c is vulnerable to an overflow. Impact A remote attacker, able to connect to a minicom port, could possibly execute arbitrary code with the privileges o...
T1Lib: : Multiple vulnerabilities
Background T1Lib is a library for rasterizing bitmaps from Adobe Type 1 fonts. Description Multiple vulnerabilities have been discovered in T1Lib. Please review the CVE identifiers referenced below for details. Impact Remote attackers, by coercing users to process specially crafted AFM font or PD...
GPL Ghostscript: User-assisted execution of arbitrary code
Background Ghostscript is an interpreter for the PostScript language and for PDF. Description An integer overflow flaw was discovered that leads to an out-of-bounds read and write in gsttf.ps. Impact A remote attacker could entice a user to open a specially crafted file, possibly resulting in the...
exFAT: Multiple vulnerabilities
Background A full-featured exFAT file system implementation for Unix-like systems. Description Two vulnerabilities were found in exFAT. A malformed input can cause a write heap overflow or cause an endless loop. Impact Remote attackers could execute arbitrary code or cause Denial of Service...
TestDisk: User-assisted execution of arbitrary code
Background TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software: certain types of viruses or human error such as accidentally deleting a Partition...
FreeXL: Multiple vulnerabilities
Background FreeXL is an open source library to extract valid data from within an Excel .xls spreadsheet. Description FreeXL’s shared strings and workbook functions are vulnerable to the remote execution of arbitrary code and Denial of Service. This can be achieved through specially crafted...
Chromium: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Description Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details...
libwmf: Multiple vulnerabilities
Background libwmf is a library for converting WMF files. Description Multiple vulnerabilities have been discovered in libwmf. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause...
Perl: Denial of service
Background Perl is a highly capable, feature-rich programming language. Description Sregmatch function lacks proper checks before passing arguments to atoi Impact A remote attacker could send a specially crafted input, possibly resulting in a Denial of Service condition. Workaround There is no...
X.Org X Server: Multiple vulnerabilities
Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary cod...
D-Bus: Multiple Vulnerabilities
Background D-Bus is a message bus system, a simple way for applications to talk to one another. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
Django: Multiple vulnerabilities
Background Django is a Python-based web framework. Description Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute code with the privileges of the process, modify SQL queries, or disclose...
Dnsmasq: Denial of Service
Background Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. Description When used with certain libvirt configurations Dnsmasq replies to queries from prohibited interfaces. Impact A remote attackers can cause a Denial of Service via spoofed TCP based DNS queries...
Mesa: Multiple vulnerabilities
Background Mesa is an OpenGL-like graphic library for Linux. Description Multiple vulnerabilities have been discovered in Mesa. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or cau...
libssh: Arbitrary code execution
Background libssh is a C library providing SSHv2 and SSHv1. Description Multiple buffer overflow, double free, and integer overflow vulnerabilities have been discovered in libssh. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial o...
ISC DHCP: Denial of service
Background ISC DHCP is a Dynamic Host Configuration Protocol DHCP client/server. Description ISC DHCP is vulnerable to a memory exhaustion attack involving regular expressions sent by DHCP clients. Impact A remote attacker could send a specially crafted request from a malicious or spoofed client,...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A...
Calligra: User-assisted execution of arbitrary code
Background Calligra is an office suite by KDE. Description An error in the read function in styles.cpp could cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially crafted ODF file, possibly resulting in execution of arbitrary code with the privileges...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
Clam AntiVirus: Multiple vulnerabilities
Background Clam AntiVirus short: ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities were discovered in Clam AntiVirus. For further information, please consult the CVE entries referenced below. Impact A remote...
CDF: User-assisted execution of arbitrary code
Background CDF is a library for the Common Data Format which is a self-describing data format for the storage and manipulation of scalar and multidimensional data. It is developed by the NASA. Description Leon Juranic reported multiple heap-based buffer overflows for instance in the ReadAEDRList6...
OpenSC: Multiple vulnerabilities
Background OpenSC provides a set of libraries and utilities to access smart cards. Description Multiple vulnerabilities were found in OpenSC: b.badrignans discovered that OpenSC incorrectly initialises private data objects CVE-2009-0368. Miquel Comas Marti discovered that src/tools/pkcs11-tool.c ...
MIT Kerberos 5: Multiple vulnerabilities
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center. Description Multiple vulnerabilities have been reported in MIT Kerberos 5: A free call on an uninitialized...
FFmpeg: Multiple vulnerabilities
Background FFmpeg is a complete solution to record, convert and stream audio and video. gst-plugins-ffmpeg is a FFmpeg based gstreamer plugin which includes a vulnerable copy of FFmpeg code. Mplayer is a multimedia player which also includes a vulnerable copy of the code. Description Multiple...
FreeType: User-assisted execution of arbitrary code
Background FreeType is a font rendering library for TrueType Font TTF and Printer Font Binary PFB. Description Regenrecht reported multiple vulnerabilities in FreeType via iDefense: An integer overflow when parsing values in the Private dictionary table in a PFB file, leading to a heap-based buff...
Pngcrush: User-assisted execution of arbitrary code
Background Pngcrush is a multi platform optimizer for PNG Portable Network Graphics files. Description It has been reported that Pngcrush includes a copy of libpng that is vulnerable to a memory corruption GLSA 200804-15. Impact A remote attacker could entice a user to process a specially crafted...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and tool kit. Description Asterisk upstream developers reported multiple vulnerabilities: The Call Detail Record Postgres logging engine cdrpgsql does not correctly escape the ANI and DNIS arguments before using them in SQL statements...
gnome-screensaver: Privilege escalation
Background gnome-screensaver is a screensaver, designed to integrate with the Gnome desktop, that can replace xscreensaver. Description gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage...
phpMyAdmin: SQL injection vulnerability
Background phpMyAdmin is a free web-based database administration tool. Description Richard Cunningham reported that phpMyAdmin uses the $REQUEST variable of $GET and $POST as a source for its parameters. Impact An attacker could entice a user to visit a malicious web application that sets an...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. Description Flash contains a copy of PCRE which is vulnerable to a heap-based buffer overflow GLSA 200711-30,...
Xfce: Multiple vulnerabilities
Background Xfce is a GTK+ 2 based desktop environment that allows to run a modern desktop environment on modest hardware. Description Gregory Andersen reported that the Xfce4 panel does not correctly calculate memory boundaries, leading to a stack-based buffer overflow in the...
Mozilla Firefox, SeaMonkey, XULRunner: Multiple vulnerabilities
Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to...
Python: User-assisted execution of arbitrary code
Background Python is an interpreted, interactive, object-oriented programming language. Description Slythers Bro discovered multiple integer overflows in the imageop module, one of them in the tovideo method, in various locations in files imageop.c, rbgimgmodule.c, and also in other files. Impact...
OpenSSL: Remote execution of arbitrary code
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Andy Polyakov reported a vulnerability in the OpenSSL toolkit, that is caused due to an unspecified...
Ampache: Multiple vulnerabilities
Background Ampache is a PHP-based tool for managing, updating and playing audio files via a web interface. Description LT discovered that the "match" parameter in albums.php is not properly sanitized before being processed. The Ampache development team also reported an error when handling user...
Poppler: Two buffer overflow vulnerabilities
Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability...
Apache mod_jk: Directory traversal
Background Apache modjk is a connector for the Tomcat web server. Description Apache modjk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time. Impact A remote attacker could browse a specially crafted URL on an Apache server running modjk, possibly gaini...
Macromedia Flash Player: Remote arbitrary code execution
Background The Macromedia Flash Player is a renderer for the popular SWF file type which is commonly used to provide interactive websites, digital experiences and mobile content. Description Mark Hills discovered some errors when interacting with a browser for keystrokes handling CVE-2007-2022...
Firebird: Buffer overflow
Background Firebird is an open source relational database that runs on Linux, Windows, and various UNIX systems. Description Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing "connect" requests with an overly large "pcnctcount" value. Impact An unauthenticated...
PHProjekt: Multiple vulnerabilities
Background PHProjekt is a project management and coordination tool written in PHP. Description Alexios Fakos from n.runs AG has discovered multiple vulnerabilities in PHProjekt, including the execution of arbitrary SQL commands using unknown vectors CVE-2007-1575, the execution of arbitrary PHP...
Tomcat: Information disclosure
Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description Tomcat allows special characters like slash, backslash or URL-encoded backslash as a separator, while Apache does not. Impact A remote attacker could send a specially...
File: Denial of service
Background file is a utility that identifies a file format by scanning binary data for patterns. Description Conor Edberg discovered an error in the way file processes a specific regular expression. Impact A remote attacker could entice a user to open a specially crafted file, using excessive CPU...
libwpd: Multiple vulnerabilities
Background libwpd is a library used to convert Wordperfect documents into other formats. Description libwpd contains heap-based overflows in two functions that convert WordPerfect document tables. In addition, it contains an integer overflow in a text-conversion function. Impact An attacker could...
Asterisk: Two SIP Denial of Service vulnerabilities
Background Asterisk is an open source implementation of a telephone private branch exchange PBX. Description The Madynes research team at INRIA has discovered that Asterisk contains a null pointer dereferencing error in the SIP channel when handling INVITE messages. Furthermore qwerty1979...
WordPress: Multiple vulnerabilities
Background WordPress is a popular personal publishing platform with a web interface. Description When decoding trackbacks with alternate character sets, WordPress does not correctly sanitize the entries before further modifying a SQL query. WordPress also displays different error messages in...
Ruby: Denial of service
Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with HTTP "WEBrick" and XMLRPC server objects. Description Ruby uses blocking sockets for WEBrick and XMLRPC servers. Impact An attacker could send large amounts of data to an...