3816 matches found
Festival: Arbitrary code execution
Background Festival is a Text to Speech Engine from The Centre for Speech Technology Research. Description A vulnerability in Festival Server has an incorrect path in LD_LIBRARY_PATH, which allows local users to place a Trojan horse shared library in the current working directory. Impact A local...
SWI-Prolog : Multiple vulnerabilities
Background SWI-Prolog is a free, small, and standard compliant Prolog compiler. Description Multiple vulnerabilities have been discovered in SWI-Prolog: An error in the canoniseFileName function could cause a stack-based buffer overflow (CVE-2012-6089). An error in the expand function could cause a...
OpenSSL: Multiple Vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...
libtheora: Arbitrary code execution
Background libtheora is the reference implementation of Theora, a free and open video compression format from the Xiph.org Foundation. Description An integer overflow flaw has been discovered in libtheora. Impact A remote attacker could execute arbitrary code or cause a Denial of Service conditio...
BusyBox: Multiple vulnerabilities
Background BusyBox is a set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DHCP reques...
GNU C Library: Multiple vulnerabilities
Background The GNU C library is the standard C library used by Gentoo Linux systems. Description Multiple vulnerabilities have been discovered in GNU C Library. Please review the CVE identifiers referenced below for details. Impact A local attacker could trigger vulnerabilities in dynamic library...
cpio: Arbitrary code execution
Background GNU cpio copies files into or out of a cpio or tar archive. Description Cpio contains a heap-based buffer overflow in the rmtread function in lib/rtapelib.c. Impact A remote server could send more data than was requested, related to archive filenames that contain a : (colon) character...
Perl: Multiple vulnerabilities
Background Perl is Larry Wall’s Practical Extraction and Report Language. Description Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact A local attacker could cause a Denial of Service condition or perform symlink attacks...
Okular: Arbitrary code execution
Background Okular is a universal document viewer based on KPDF for KDE 4. Description Okular contains a heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp. Impact A remote attacker could entice a user ...
Unbound: Denial of service
Background Unbound is a validating, recursive, and caching DNS resolver. Description Multiple vulnerabilities have been discovered in Unbound. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service condition via a speciall...
rssh: Access restriction bypass
Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Multiple command line parsing and validation vulnerabilities have been discovered in rssh. Please review the CVE...
Namazu: Multiple vulnerabilities
Background Namazu is a full-text search engine intended for easy use. Description Multiple vulnerabilities have been discovered in Namazu. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code or cause a Denial of Service condition...
Zabbix: Multiple vulnerabilities
Background Zabbix is software for monitoring applications, networks, and servers. Description Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary SQL statements, cause a...
fcron: Information disclosure
Background fcron is a periodic command scheduler for Unix-based systems. Description The fcrontab function contains a race condition relating to symlinks. Impact A local attacker could perform symlink attacks to read arbitrary files with the privileges of the user running the application. Workarou...
QtCore, QtGui: Multiple vulnerabilities
Background The Qt toolkit is a comprehensive C++ application development framework. Description Multiple vulnerabilities have been discovered in QtCore and QtGui. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially craft...
OpenVPN: Multiple vulnerabilities
Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description Multiple vulnerabilities have been discovered in OpenVPN. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to recover plaintext from an encrypted communication...
CTorrent: User-assisted arbitrary code execution
Background CTorrent is a BitTorrent client implemented in C++ to be lightweight and quick. Description CTorrent contains a stack-based buffer overflow in the btFiles::BuildFromMI function in trunk/btfiles.cpp. Impact A remote attacker could entice a user to open a specially crafted torrent file...
Open DC Hub: Arbitrary code execution
Background Open DC Hub is the hub software for the Direct Connect file sharing network. Description A stack-based buffer overflow flaw has been discovered in the way Open DC Hub sanitized content of a user’s MyINFO message. Impact A remote authenticated user may be able to execute arbitrary code ...
GraphicsMagick: Multiple vulnerabilities
Background GraphicsMagick is the Swiss army knife of image processing. Description Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially-crafted image file,...
Netpbm: User-assisted arbitrary code execution
Background Netpbm is a toolkit for manipulation of graphic images, including conversion of images between a variety of different formats. Description A stack-based buffer overflow exists in converter/ppm/xpmtoppm.c in Netpbm. Impact A remote attacker could entice a user to open a specially crafte...
Blender: Multiple vulnerabilities
Background Blender is a 3D Creation/Animation/Publishing System. Description Multiple vulnerabilities have been discovered in Blender. Please review the CVE identifier referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, ...
FreeRADIUS: Multiple vulnerabilities
Background FreeRADIUS is an open source RADIUS authentication server. Description Multiple vulnerabilities have been discovered in FreeRADIUS. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the...
GIMP: Multiple vulnerabilities
Background GIMP is the GNU Image Manipulation Program. Description Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted KiSS palette, GIF image or XWD file...
libxml2: Multiple vulnerabilities
Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted docume...
Quassel: Multiple Vulnerabilities
Background Quassel is a Qt4/KDE4 IRC client supporting a remote daemon for 24/7 connectivity. Description Two vulnerabilities have been found in Quassel: Quassel does not properly handle multiple CTCP requests (CVE-2010-3443). Quassel, when used with certain versions of Qt and PostgreSQL, does not...
Vixie cron: Denial of service
Background Paul Vixie’s cron daemon, a fully featured crond implementation. Description Vixie cron contains a race condition relating to atime and mtime values of temporary files. Impact A local attacker could change the modification time of files, possibly resulting in a Denial of Service...
phpMyAdmin: Multiple vulnerabilities
Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact A remote authenticated attacker could exploit these vulnerabilities to execute...
Mednafen: Arbitrary code execution
Background Mednafen is an advanced NES, GB/GBC/GBA, TurboGrafx 16/CD, NGPC and Lynx emulator. Description An unspecified vulnerability has been discovered in Mednafen when using network play. Impact A remote server could execute arbitrary code with the privileges of the process. Workaround There ...
pmake: Insecure temporary file usage
Background pmake is Debian’s version of NetBSD’s make, a tool to build programs in parallel. Description /usr/share/mk/bsd.lib.mk and /usr/share/mk/bsd.prog.mk create temporary files insecurely, with predictable names /tmp/dependPID, and without using $TMPDIR. Impact The make include files allow...
acpid2: Privilege escalation
Background acpid2 is a daemon for Advanced Configuration and Power Interface. Description acpid2 does not properly use the pidof program in powerbtn.sh. Impact A local attacker could gain escalated privileges. Workaround There is no known workaround at this time. Resolution All acpid2 users shoul...
X2Go Server: Arbitrary code execution
Background X2Go is an open source terminal server project. Description A vulnerability in the setgid wrapper x2gosqlitewrapper.c does not hardcode an internal path to x2gosqlitewrapper.pl, allowing a remote attacker to change that path. Impact A remote attacker may be able to execute arbitrary co...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and Lucky Thirteen research paper referenced below for details. Impact A remote attacker could send a...
MediaWiki: Multiple vulnerabilities
Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code, perform man-in-the-middle...
TPTEST: Arbitrary code execution
Background TPTEST is a tool to measure the speed of a user’s Internet connection. Description The GetStatsFromLine function in TPTEST is vulnerable to buffer overflows from STATS lines with long email and pwd fields. Impact A remote attacker could send a specially-crafted STATS line, possibly...
GNU Automake: Multiple vulnerabilities
Background GNU Automake is a tool for automatically generating Makefile.in files compliant with the GNU Coding Standards. Description Multiple vulnerabilities have been discovered in GNU Automake. Please review the CVE identifiers referenced below for details. Impact A local attacker could execut...
Groff: Multiple Vulnerabilities
Background GNU Troff (Groff) is a text formatter used for man pages. Description Multiple vulnerabilities have been discovered in Groff. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could perform symlink attacks to overwrite arbitrary files wit...
MPlayer: Multiple vulnerabilities
Background MPlayer is a media player including support for a wide range of audio and video formats. Description Multiple vulnerabilities have been discovered in MPlayer and the bundled FFmpeg. Please review the CVE identifiers and FFmpeg GLSA referenced below for details. Impact A remote attacker...
FFmpeg: Multiple vulnerabilities
Background FFmpeg is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details. Impact A remote attacker could entice a user to open a...
Perl Parallel-ForkManager Module: Insecure temporary file usage
Background Parallel-ForkManager is a simple parallel processing fork manager for Perl. Description The Perl Parallel-ForkManager module does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user...
PolarSSL: Multiple vulnerabilities
Background PolarSSL is a cryptographic library for embedded systems. Description Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details. Impact A remote attacker might be able to cause Denial of Service, conduct a man-in-the middl...
OpenJPEG: User-assisted execution of arbitrary code
Background OpenJPEG is an open-source JPEG 2000 library. Description OpenJPEG contains an invalid free error and multiple buffer overflow flaws. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted JPEG file,...
Quagga: Multiple vulnerabilities
Background Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Description Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause arbitrary code execution or a...
Setuptools: Man-in-the-Middle attack
Background Setuptools is a manager for Python packages. Description Setuptools does not check the integrity of downloaded Python packages. Impact A remote attacker could perform man-in-the-middle attacks to execute arbitrary code with the privileges of the process. Workaround There is no known...
Aircrack-ng: User-assisted execution of arbitrary code
Background Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. Description A buffer overflow vulnerability has been discovered in Aircrack-ng. Impact A remote attacker could entice a user to open a specially crafted dum...
Poppler: Multiple vulnerabilities
Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF...
nginx: Multiple vulnerabilities
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been discovered in nginx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request, possibly...
GEGL: User-assisted execution of arbitrary code
Background GEGL is a graph-based image processing framework. Description Multiple integer overflows in GEGL may cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially crafted PPM image using an application linked against GEGL, possibly resulting in...
isync: Man-in-the-Middle attack
Background isync is an IMAP and MailDir mailbox synchronizer. Description isync does not properly verify the server’s hostname against the CN field in the SSL certificate. Impact A remote server could perform man-in-the-middle attacks to disclose passwords or obtain other sensitive information...
Perl Module-Signature module: Arbitrary code execution
Background The Perl Module::Signature module adds signing capabilities to CPAN modules. Description The ‘cpansign verify’ command will automatically download keys and use them to check the signature of CPAN packages via the SIGNATURE file. If an attacker were to replace this SHA1 with a special...
Mozilla Products: Multiple vulnerabilities
Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the ‘Mozilla...