3816 matches found
Wireshark: Multiple Vulnerabilities
Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
GraphicsMagick: Multiple Vulnerabilities
Background GraphicsMagick is a collection of tools and libraries which support reading, writing, and manipulating images in many major formats. Description Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact Pleas...
BladeEnc: Buffer overflow
Background BladeEnc is an mp3 encoder. Description A crafted file could cause a buffer overflow in the iterationloop function in BladeEnc. Impact A remote attacker could entice a user to open a specially crafted using BladeEnc, possibly resulting in execution of arbitrary code with the privileges...
PowerDNS Recursor: Denial of service
Background PowerDNS Recursor is a high-end, high-performance resolving name server. Description It was discovered that it was possible to update the DNSSEC validation state to a bogus state for a cached record via DNS ANY query. Impact A remote attacker could send specially crafted DNS queries to...
libass: User-assisted execution of arbitrary code
Background libass is a portable subtitle renderer for the ASS/SSA Advanced Substation Alpha/Substation Alpha subtitle format. Description It was discovered that libass did not properly handle Advanced Substation Alpha/Substation Alpha subtitle format files. Impact A remote attacker could entice a...
Thin: Privilege escalation
Background Thin is a small and fast Ruby web server. Description It was discovered that Gentoo’s Thin ebuild does not properly handle its temporary runtime directories. This only affects OpenRC systems, as the flaw was exploitable via the init script. Impact A local attacker could cause denial of...
libexif: Multiple vulnerabilities
Background libexif is a library for parsing, editing and saving Exif metadata from images. Description Multiple vulnerabilities have been discovered in libexif. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
fwupd, libjcat: Multiple vulnerabilities
Background fwupd aims to make updating firmware on Linux automatic, safe and reliable. libjcat is a library and tool for reading and writing Jcat files. Description Multiple vulnerabilities have been discovered in fwupd and libjcat. Please review the CVE identifiers referenced below for details...
WeeChat: Multiple vulnerabilities
Background Wee Enhanced Environment for Chat WeeChat is a light and extensible console IRC client. Description Multiple vulnerabilities have been discovered in WeeChat. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by sending a specially crafted IRC...
glibc: Multiple vulnerabilities
Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...
PostgreSQL: SQL injection
Background PostgreSQL is an open source object-relational database management system. Description A vulnerability was discovered in PostgreSQL’s pgupgrade and pgdump. Impact An attacker, by enticing a user to process a specially crafted trigger definition, can execute arbitrary SQL statements wit...
TigerVNC: Multiple vulnerabilities
Background TigerVNC is a high-performance VNC server/client. Description Multiple vulnerabilities have been discovered in TigerVNC. Please review the referenced CVE Identifiers for details. Impact An attacker could execute arbitrary code or cause a Denial of Service condition. Workaround There is...
PySAML2: Security bypass
Background PySAML2 is a pure python implementation of SAML2 Description It was found that the PySAML2 relies on an assert statement to check the user’s password. A python optimizations might remove this assertion. Impact A remote attacker could bypass security restrictions and access any...
MariaDB, MySQL: Root privilege escalation
Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description The Gentoo installation scripts before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging...
Puppet Agent: Multiple vulnerabilities
Background Puppet Agent contains Puppet’s main code and all of the dependencies needed to run it, including Facter, Hiera, and bundled versions of Ruby and OpenSSL. Description Multiple vulnerabilities have been discovered in Puppet Agent. Please review the references for details. Impact A remote...
libsoup: Arbitrary remote code execution
Background libsoup is an HTTP client/server library for GNOME. Description A stack based buffer overflow vulnerability was discovered in libsoup. Impact A remote attacker, by using specially crafted HTTP requests, could execute arbitrary code with the privileges of the process. Workaround There i...
Bugzilla: Multiple vulnerabilities
Background Bugzilla is the bug-tracking system from the Mozilla project. Description Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact Privileged account holders could execute system level commands, and the new user...
QtGui: Multiple vulnerabilities
Background QtGui is the GUI module and platform plugins for the Qt framework Description Multiple buffer overflow vulnerabilities have been discovered in QtGui. It is possible for remote attackers to construct specially crafted BMP, ICO, or GIF images that lead to buffer overflows. After...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS and SSL protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and external references below for details. Impact A context-dependent attacker can cause a denial of service...
grep: Denial of service
Background grep is the GNU regular expression matcher. Description A heap buffer overrun has been fixed in the bmexectrans function in kwset.c. Impact A local user can cause Denial of Service. Workaround There is no known workaround at this time. Resolution All grep users should upgrade to the...
nginx: Information disclosure
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description An SSL session fixation vulnerability has been found in nginx when multiple servers use the same shared sslsessioncache or sslsessionticketkey. Impact A remote attacker may be able to obtain...
sendmail: Information disclosure
Background sendmail is a widely-used Mail Transport Agent MTA. Description The smcloseonexec function in conf.c has arguments in the wrong order. Impact A local attacker could get access to unintended high-numbered file descriptors via a specially crafted program. Workaround There is no known...
Xfig: User-assisted execution of arbitrary code
Background Xfig is an interactive drawing tool. Description A stack-based buffer overflow and a stack consumption vulnerability have been found in Xfig. Impact A remote attacker could entice a user to open a specially-crafted file, potentially resulting in arbitrary code execution or a Denial of...
GNU Libtasn1: Multiple vulnerabilities
Background The ASN.1 library used in GNUTLS. Description Multiple vulnerabilities have been discovered in GNU Libtasn1. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly cause a Denial of Service condition. Workaround There is no...
Zend Framework: SQL injection
Background Zend Framework is a high quality and open source framework for developing Web Applications. Description Developers using non-ASCII-compatible encodings in conjunction with the MySQL PDO driver of PHP may be vulnerable to SQL injection attacks. Impact A remote attacker could use special...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
Adobe Reader: Arbitrary Code Execution
Background Adobe Reader is a closed-source PDF reader. Description An unspecified vulnerability exists in Adobe Reader. Impact An attacker could execute arbitrary code or cause a Denial of Service condition. Workaround There is no known workaround at this time. Resolution All Adobe Reader users...
Xlockmore: Denial of service
Background Xlockmore is just another screensaver application for X. Description A Denial of Service flaw was found in the way Xlockmore performed the passing of arguments to the underlying localtime call, when the ‘dlock’ mode was used. Impact A local attacker could possibly cause a Denial of...
w3m: SSL spoofing vulnerability
Background w3m is a text based WWW browser. Description A SSL spoofing vulnerability has been discovered in w3m. Please review the CVE identifier referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on SSL...
Postfixadmin: Multiple vulnerabilities
Background Postfixadmin is a web-based management tool for Postfix-style virtual domains and users. Description Multiple SQL injection vulnerabilities CVE-2012-0811 and cross-site scripting vulnerabilities CVE-2012-0812 have been found in Postfixadmin. Impact A remote attacker could exploit these...
sendmail: X.509 NULL spoofing vulnerability
Background sendmail is a widely-used Mail Transport Agent MTA. Description A vulnerability has been discovered in sendmail. Please review the CVE identifier referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
tftp-hpa: Remote buffer overflow
Background tftp-hpa is the port of the OpenBSD TFTP server. Description A vulnerability has been discovered in tftp-hpa. Please review the CVE identifier referenced below for details. Impact The vulnerability might allow remote attackers to execute arbitrary code. Workaround There is no known...
ArgyllCMS: User-assisted execution of arbitrary code
Background ArgyllCMS is an ICC compatible color management system that supports accurate ICC profile creation for scanners, cameras and film recorders. Description ArgyllCMS does not properly handle ICC profiles causing a use-after-free vulnerability. Impact A remote attacker could entice a user ...
Tor: Multiple vulnerabilities
Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor: When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing...
phpDocumentor: Function call injection
Background The phpDocumentor package provides automatic documenting of PHP API directly from the source. Description phpDocumentor bundles Smarty with the modifier.regexreplace.php plug-in which does not properly sanitize input related to the ASCII NUL character in a search string. Impact A remot...
X.Org X Server: Multiple vulnerabilities
Background The X Window System is a graphical windowing system based on a client/server model. Description vladz reported the following vulnerabilities in the X.Org X server: The X.Org X server follows symbolic links when trying to access the lock file for a X display, showing a predictable...
BIND: Multiple vulnerabilities
Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Multiple cache poisoning vulnerabilities were discovered in BIND. For further information please consult the CVE entries and the ISC Security Bulletin referenced below. Note:...
Ruby: Terminal Control Character Injection
Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. It comes bundled with a HTTP server "WEBrick". Description Giovanni Pellerano, Alessandro Tanasi and Francesco Ongaro reported that WEBrick does not filter terminal control characters, for instanc...
Xerces-C++: Denial of service
Background Xerces-C++ is a validating XML parser written in a portable subset of C++. Description Frank Rast reported that the XML parser in Xerces-C++ does not correctly handle an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during the validatio...
cURL: Arbitrary file access
Background cURL is a command line tool for transferring files with URL syntax, supporting numerous protocols. Description David Kierznowski reported that the redirect implementation accepts arbitrary Location values when CURLOPTFOLLOWLOCATION is enabled. Impact A remote attacker could possibly...
Real VNC: User-assisted execution of arbitrary code
Background Real VNC is a remote desktop viewer display system. Description An unspecified vulnerability has been discovered int the CMsgReader::readRect function in the VNC Viewer component, related to the encoding type of RFB protocol data. Impact A remote attacker could entice a user to connect...
Pidgin: Multiple vulnerabilities
Background Pidgin formerly Gaim is an instant messaging client for a variety of instant messaging protocols. It is based on the libpurple instant messaging library. Description Multiple vulnerabilities have been discovered in Pidgin and the libpurple library: A participant to the TippingPoint ZDI...
D-Bus: Denial of service
Background D-Bus is a daemon providing a framework for applications to communicate with one another. Description schelte reported that the dbussignaturevalidate function can trigger a failed assertion when processing a message containing a malformed signature. Impact A local user could send a...
enscript: User-assisted execution of arbitrary code
Background enscript is a powerful ASCII to PostScript file converter. Description Two stack-based buffer overflows in the readspecialescape function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability related to the "setfilename" command CVE-2008-3863,...
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description A buffer overflow in the BMP reader in OptiPNG has been reported. Impact A remote attacker could entice a user to process a specially crafted BMP image, possibly...
PCRE: Buffer overflow
Background PCRE is a Perl-compatible regular expression library. GLib includes a copy of PCRE. Description Tavis Ormandy of the Google Security team reported a heap-based buffer overflow when compiling regular expression patterns containing "Internal Option Settings" such as "?i ". Impact A remot...
rdesktop: Multiple vulnerabilities
Background rdesktop is an open source Remote Desktop Protocol RDP client. Description An anonymous researcher reported multiple vulnerabilities in rdesktop via iDefense Labs: An integer underflow error exists in the function isorecvmsg in the file iso.c which can be triggered via a specially...
Samba: Heap-based buffer overflow
Background Samba is a suite of SMB and CIFS client/server programs. Description Alin Rad Pop Secunia Research reported a vulnerability in Samba within the receivesmbraw function in the file lib/utilsock.c when parsing SMB packets, possibly leading to a heap-based buffer overflow via an overly lar...
ClamAV: Multiple vulnerabilities
Background Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been reported: Damian Put reported a heap-based buffer overflow when processing PeSpin packed PE binaries CVE-2008-0314. Alin Rad Po...