3816 matches found
PHP: Arbitary code execution
Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description The sscanf PHP function contains an array boundary error that can be exploited to dereference a null pointer. This can possibly allow the...
Motor: Execution of arbitrary code
Background Motor is a text mode based programming environment for Linux, with a syntax highlighting feature, project manager, makefile generator, gcc and gdb front-end, and CVS integration. Description In November 2005, Zone-H Research reported a boundary error in the ktools library in the...
Mozilla SeaMonkey: Multiple vulnerabilities
Background The Mozilla SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as "Mozilla Application Suite". Description The following vulnerabilities have been reported: Benjamin Smedberg discovered that chrome URL's...
Nagios: Buffer overflow
Background Nagios is an open source host, service and network monitoring program. Description Sebastian Krahmer of the SuSE security team discovered a buffer overflow vulnerability in the handling of a negative HTTP Content-Length header. Impact A buffer overflow in Nagios CGI scripts under certa...
zgv, xzgv: Heap overflow
Background xzgv and zgv are picture viewing utilities with a thumbnail based file selector. Description Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space...
WordPress: SQL injection vulnerability
Background WordPress is a PHP and MySQL based content management and publishing system. Description Patrik Karlsson reported that WordPress 1.5.2 makes use of an insufficiently filtered User Agent string in SQL queries related to comments posting. This vulnerability was already fixed in the...
Blender: Heap-based buffer overflow
Background Blender is an open source software for 3D modeling, animation, rendering, post-production, interactive creation and playback. Description Damian Put has reported a flaw due to an integer overflow in the "getbhead" function, leading to a heap overflow when processing malformed ".blend"...
Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities
Background Xpdf and GPdf are PDF file viewers that run under the X Window System. Poppler is a PDF rendering library based on Xpdf code. The Common UNIX Printing System CUPS is a cross-platform print spooler. It makes use of Xpdf code to handle PDF files. Description infamous41md discovered that...
chmlib, KchmViewer: Stack-based buffer overflow
Background chmlib is a library for dealing with Microsoft ITSS and CHM format files. KchmViewer is a CHM viewer that includes its own copy of the chmlib library. Description Sven Tantau reported about a buffer overflow vulnerability in chmlib. The function "chmdecompressblock" does not properly...
Weex: Format string vulnerability
Background Weex is a non-interactive FTP client typically used to update web pages. Description Ulf Harnhammar discovered a format string bug in Weex that can be triggered when it is first run or when its cache files are rebuilt, using the -r option. Impact An attacker could setup a malicious FTP...
Python: Heap overflow in the included PCRE library
Background Python is an interpreted, interactive, object-oriented, cross-platform programming language. The "re" Python module provides regular expression functions. Description The "re" Python module makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap...
GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library
Background GNU Gadu, CenterICQ, Kadu and EKG are instant messaging applications created to support Gadu Gadu instant messaging protocol. libgadu is a library that implements the client side of the Gadu-Gadu protocol. Description GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an...
Adobe Acrobat Reader: Buffer overflow vulnerability
Background Adobe Acrobat Reader is a utility used to view PDF files. Description A buffer overflow has been discovered in the UnixAppOpenFilePerform function, which is called when Adobe Acrobat Reader tries to open a file with the "\Filespec" tag. Impact By enticing a user to open a specially...
cpio: Directory traversal vulnerability
Background cpio is a file archival tool which can also read and write tar files. Description A vulnerability has been found in cpio that can potentially allow a cpio archive to extract its files to an arbitrary directory of the creator's choice. Impact An attacker could create a malicious cpio...
Wordpress: Multiple vulnerabilities
Background WordPress is a PHP and MySQL based content management and publishing system. Description Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks. Impact An attacker could use the SQL injection vulnerabilities to gain information from the database...
phpMyAdmin: Insecure SQL script installation
Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. phpMyAdmin uses a pma MySQL user to control the linked-tables infrastructure. The SQL install script sets the initial password for the pma user. Description The phpMyAdmin...
Heimdal: Buffer overflow vulnerabilities
Background Heimdal is a free implementation of Kerberos 5 that includes a telnet client program. Description Buffer overflow vulnerabilities in the slcaddreply and envoptadd functions have been discovered by Gael Delalleau in the telnet client in Heimdal. Impact Successful exploitation would...
eGroupWare: XSS and SQL injection vulnerabilities
Background eGroupWare is a suite of web-based group applications including calendar, address book, messenger and email. Description Multiple SQL injection and cross-site scripting vulnerabilities have been found in several eGroupWare modules. Impact An attacker could possibly use the SQL injectio...
Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Mozilla Firefox is the next-generation browser from the Mozilla project. Description The following vulnerabilities were found and fixed in the Mozilla Suite and Mozilla Firefox: Vladimir V...
monkeyd: Multiple vulnerabilities
Background monkeyd is a fast, efficient, small and easy to configure web server for Linux. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a...
netkit-telnetd: Buffer overflow
Background netkit-telnetd provides standard Linux telnet client and server. Description A buffer overflow has been identified in the slcaddreply function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. Impact Successful explotation would require a...
X.org: libXpm vulnerability
Background libXpm is a pixmap manipulation library for the X Window System, included in X.org. Description Chris Gilbert has discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm versions. Impact A carefully-crafted XPM file could crash X.org,...
KDE dcopidlng: Insecure temporary file creation
Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. dcopidlng is a DCOP helper script. Description Davide Madrisan has discovered that the dcopidlng script creates temporary files in a world-writable...
cmd5checkpw: Local password leak vulnerability
Background cmd5checkpw is a checkpassword compatible authentication program that uses CRAM-MD5 authentication mode. Description Florian Westphal discovered that cmd5checkpw is installed setuid cmd5checkpw but does not drop privileges before calling execvp, so the invoked program retains the...
Mailman: Cross-site scripting vulnerability
Background Mailman is a Python-based mailing list server with an extensive web interface. Description Florian Weimer has discovered a cross-site scripting vulnerability in the error messages that are produced by Mailman. Impact By enticing a user to visiting a specially-crafted URL, an attacker c...
Exim: Two buffer overflows
Background Exim is an highly configurable message transfer agent MTA developed at the University of Cambridge. Description Buffer overflows have been found in the hostaton function CAN-2005-0021 as well as in the spabase64tobits function CAN-2005-0022, which is part of the SPA authentication code...
pdftohtml: Vulnerabilities in included Xpdf
Background pdftohtml is a utility to convert PDF files to HTML or XML formats. It makes use of Xpdf code to decode PDF files. Description Xpdf is vulnerable to integer overflows, as described in GLSA 200412-24. Impact An attacker could entice a user to convert a specially-crafted PDF file,...
Gaim: Multiple vulnerabilities
Background Gaim is a full featured instant messaging client which handls a variety of instant messaging protocols. Description A possible buffer overflow exists in the code processing MSN SLP messages CAN-2004-0891. memcpy was used without validating the size of the buffer, and an incorrect buffe...
Ghostscript: Insecure temporary file use in multiple scripts
Background Ghostscript is a software package providing an interpreter for the PostScript language and the PDF file format. It also provides output drivers for various file formats and printers. Description The pj-gs.sh, ps2epsi, pv.sh and sysvlp.sh scripts create temporary files in world-writeabl...
Squid: Remote DoS vulnerability
Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description A parsing error exists in t...
GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
Background GTK+ GIMP Toolkit + is a toolkit for creating graphical user interfaces. The GdkPixbuf library provides facilities for image handling. It is available as a standalone library as well as shipped with GTK+ 2. Description A vulnerability has been discovered in the BMP image preprocessor...
Tomcat: Insecure installation
Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init scripts as tomcat:tomcat, but those scripts are executed with root privileges when the system is started...
CVS: additional DoS and arbitrary code execution vulnerabilities
Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description A team audit of the CVS source code performed by Stefan Esser and Sebastian Krahmer resulted in the discovery of several remotely...
Multiple format string vulnerabilities in neon 0.24.4 and earlier
Background neon provides an HTTP and WebDAV client library. Description There are multiple format string vulnerabilities in libneon which may allow a malicious WebDAV server to execute arbitrary code under the context of the process using libneon. Impact An attacker may be able to execute arbitra...
PHP: Multiple Vulnerabilities
Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact Please review th...
GPAC: Multiple Vulnerabilities
Background GPAC is an implementation of the MPEG-4 Systems standard developed from scratch in ANSI C. Description Multiple vulnerabilities have been discovered in GPAC. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Flatpak: Sandbox Escape
Background Flatpak is a Linux application sandboxing and distribution framework. Description A vulnerability has been discovered in Flatpak. Please review the CVE identifier referenced below for details. Impact A malicious or compromised Flatpak app could execute arbitrary code outside its sandbo...
Mozilla Firefox: Multiple Vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
libssh: Multiple Vulnerabilities
Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
Open vSwitch: Multiple Vulnerabilities
Background Open vSwitch is a production quality multilayer virtual switch. Description Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...
phpMyAdmin: Multiple Vulnerabilities
Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the web. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers...
AIDE: Root Privilege Escalation
Background AIDE Advanced Intrusion Detection Environment is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config files. Once this database is initialized it can be used to verify the integrity of the files. It has several...
GitPython: Code Execution via Crafted Input
Background GitPython is a Python library used to interact with Git repositories. Description Please review the CVE identifier referenced below for details. Impact An attacker may be able to trigger Remote Code Execution RCE due to improper user input validation, which makes it possible to inject ...
Fish: User-assisted execution of arbitrary code
Background Smart and user-friendly command line shell for macOS, Linux, and the rest of the family. It includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. Description A vulnerability have been discovered in...
Mozilla Firefox: Multiple Vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
LibreOffice: Arbitrary Code Execution
Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description LibreOffice links using the vnd.libreoffice.command scheme could be constructed to call internal macros with arbitrary arguments. Which...
sudo: Heap-Based Buffer Overread
Background sudo allows a system administrator to give users the ability to run commands as other users. Description In certain password input handling, sudo incorrectly assumes the password input is at least nine bytes in size, leading to a heap buffer overread. Impact In the worst case, the heap...
Net-SNMP: Multiple Vulnerabilities
Background Net-SNMP is a suite of applications used to implement the Simple Network Management Protocol. Description Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
X.Org X server, XWayland: Multiple Vulnerabilities
Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X server and XWayland. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Apptainer: Lack of Digital Signature Hash Verification
Background Apptainer is the container system for secure high-performance computing. Description The Go module "sif" version 2.8.0 and older, which is a statically linked dependency of Apptainer, does not verify that the hash algorithms used are cryptographically secure when verifying digital...