3816 matches found
mini_httpd: Arbitrary code execution
Background mini_httpd is a small webserver with optional SSL and IPv6 support. Description mini_httpd does not properly check for shell escapes when parsing HTTP requests. Impact A remote attacker could send specially crafted HTTP requests, possibly resulting in execution of arbitrary code with the...
Apache Tomcat: Multiple vulnerabilities
Background Apache Tomcat is a Servlet-3.0/JSP-2.2 Container. Description Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow an attacker to cause a Denial of Service, to hijack a session, ...
gdk-pixbuf: Denial of service
Background gdk-pixbuf is an image loading library for GTK+. Description Two vulnerabilities have been found in gdk-pixbuf: The "gdkpixbufgifimageload" function in io-gif.c fails to properly handle certain return values from subroutines (CVE-2011-2485). The "readbitmapfiledata" function in io-xbm.c...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
NVIDIA Drivers: Privilege escalation
Background The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards. Description A vulnerability has been found in the way NVIDIA drivers handle read/write access to GPU device nodes, allowing access to arbitrary system memory locations. NOTE: Exposure to this vulnerability is...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been found in GnuTLS: An error in libgnutls does not properly sanitize "\0" characters from certificate fields (CVE-2009-2730). An error in the TLS and SSL protocols...
virtualenv: Insecure temporary file usage
Background virtualenv is a virtual Python environment builder. Description The virtualenv.py script in virtualenv does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application...
TagLib: Multiple vulnerabilities
Background TagLib is a library for reading and editing audio meta data. Description Multiple vulnerabilities have been found in TagLib: The "analyzeCurrent" function in ape/apeproperties.cpp contains a division by zero error (CVE-2012-1107). The "parse" function in inogg/xiphcomment.cpp contains an...
Adobe Reader: Multiple vulnerabilities
Background Adobe Reader is a closed-source PDF reader. Description Multiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause memory corruption. Impact A remote attacker could...
libpng: Multiple vulnerabilities
Background libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. Description Multiple vulnerabilities have been discovered in libpng: The “embeddedprofilelen” function in pngwutil...
tftp-hpa: Remote buffer overflow
Background tftp-hpa is the port of the OpenBSD TFTP server. Description A vulnerability has been discovered in tftp-hpa. Please review the CVE identifier referenced below for details. Impact The vulnerability might allow remote attackers to execute arbitrary code. Workaround There is no known...
OpenJPEG: User-assisted execution of arbitrary code
Background OpenJPEG is an open-source JPEG 2000 library. Description An error in jp2.c of OpenJPEG could allow an out-of-bounds write error. Impact A remote attacker could entice a user to open a specially crafted JPEG file, possibly resulting in execution of arbitrary code or a Denial of Service...
ejabberd: Multiple Denial of Service vulnerabilities
Background ejabberd is the Erlang jabber daemon. Description Multiple vulnerabilities have been discovered in ejabberd. Please review the CVE identifiers referenced below for details. Impact ejabberd allows remote attackers to cause a Denial of Service condition with the result of either crashing...
Mono: Multiple vulnerabilities
Background Mono is an open source implementation of Microsoft's .NET Framework. Description Multiple vulnerabilities have been discovered in Mono and Mono debugger. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code, bypass genera...
MediaWiki: Multiple vulnerabilities
Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact MediaWiki allows remote attackers to bypass authentication, to perform imports fro...
nginx: User-assisted execution of arbitrary code
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description An error in ngx_http_mp4_module.c could cause a buffer overflow. NOTE: nginx must have been emerged with USE="nginx_modules_http_mp4" in order to be affected by this vulnerability. Impact A remote...
Pidgin: Multiple vulnerabilities
Background Pidgin is a GTK Instant Messenger client. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities allow for arbitrary file retrieval, Denial of Service and arbitrary code executio...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been found in Asterisk: An error in manager.c allows shell access through the MixMonitor application, GetVar, or Status (CVE-2012-2414). An error in chanskinny.c could cause a heap-based...
Wicd: Multiple vulnerabilities
Background Wicd is an open source wired and wireless network manager for Linux. Description Two vulnerabilities have been found in Wicd: Passwords and passphrases are written to /var/log/wicd (CVE-2012-0813). Input from the daemon's D-Bus interface is not properly sanitized (CVE-2012-2095). Impact A...
ArgyllCMS: User-assisted execution of arbitrary code
Background ArgyllCMS is an ICC compatible color management system that supports accurate ICC profile creation for scanners, cameras and film recorders. Description ArgyllCMS does not properly handle ICC profiles causing a use-after-free vulnerability. Impact A remote attacker could entice a user ...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web page, possibly...
QtGui: User-assisted execution of arbitrary code
Background QtGui is a module for the Qt toolkit. Description An error in qtiffhandler.cpp could cause a buffer overflow. Impact A remote attacker could entice a user to open a specially crafted TIFF image with an application linked against QtGui, possibly resulting in execution of arbitrary code...
BIND: Multiple vulnerabilities
Background BIND is the Berkeley Internet Name Domain Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
ConnMan: Multiple vulnerabilities
Background ConnMan provides a daemon for managing Internet connections. Description Multiple vulnerabilities have been found in ConnMan: Errors in inet.c and rtnl.c prevent ConnMan from checking the origin of netlink messages (CVE-2012-2320). ConnMan does not properly check for shell escapes when...
SWFTools: User-assisted execution of arbitrary code
Background SWFTools is a collection of SWF manipulation and generation utilities written by Rainer Böhme and Matthias Kramm. Description Integer overflow errors in the "getPNG" function in png.c and the "jpegload" function in jpeg.c could cause a heap-based buffer overflow. Impact A remote attack...
Perl DBD-Pg Module: Arbitrary code execution
Background DBD-Pg is a PostgreSQL interface module for Perl. Description Format string vulnerabilities have been found in the "pgwarn" and "dbdstprepare" functions in dbdimp.c. Impact A remote PostgreSQL server could send specially crafted database warnings or DBD statements, possibly resulti...
FreeType: Multiple vulnerabilities
Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font, possibly resulting ...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
PolicyKit: Multiple vulnerabilities
Background PolicyKit is a toolkit for controlling privileges for system-wide services. Description Multiple vulnerabilities have been found in PolicyKit: Error messages in the pkexec utility disclose the existence of local files (CVE-2010-0750). The pkexec utility initially checks the effective use...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
InspIRCd: Arbitrary code execution
Background InspIRCd (Inspire IRCd) is a modular C++ IRC daemon. Description A vulnerability in InspIRCd allows DNS compression features to control the number of overflowed bytes sent to the heap-based buffer "res" in dns.cpp. Impact A remote attacker could send specially crafted DNS responses,...
VirtualBox: Multiple vulnerabilities
Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple unspecified vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact A local attacker may be able to gain escalated privileges via unknown...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google's open source JavaScript engine. SPDY is an experimental networking protocol. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below...
libzip: Multiple vulnerabilities
Background libzip is a library for manipulating zip archives. Description Two vulnerabilities have been found in the "zipreadcdir" function in zipopen.c of libzip: An incorrect loop construct, which could cause a heap-based buffer overflow (CVE-2012-1162). An integer overflow, which may not restric...
Logwatch: Arbitrary code execution
Background Logwatch analyzes and reports on system logs. Description logwatch.pl does not properly sanitize log filenames against shell metacharacters before passing them to the "system" function. Impact A remote attacker could pass a specially crafted log filename to Logwatch, possibly resulting...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Two vulnerabilities have been found in Asterisk: The "milliwattgenerate" function in appmilliwatt.c is vulnerable to a stack overrun (AST-2012-002). The "astparsedigest" function in utils.c is vulnerable to a stack-base...
nginx: Multiple vulnerabilities
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been found in nginx: The TLS protocol does not properly handle session renegotiation requests (CVE-2009-3555). The "ngx_http_process_request_headers" function in...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
Openswan: Denial of service
Background Openswan is an implementation of IPsec for Linux. Description Two vulnerabilities have been found in Openswan: Improper permissions are used on /var/run/starter.pid and /var/lock/subsys/ipsec (CVE-2011-2147). Openswan contains a use-after-free error in the cryptographic helper handler...
Minitube: Insecure temporary file usage
Background Minitube is a Qt4 YouTube desktop client. Description Tomáš Pružina reported that Minitube does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround...
HPLIP: Multiple vulnerabilities
Background The Hewlett-Packard Linux Imaging and Printing system (HPLIP) provides drivers for HP's inkjet and laser printers, scanners and fax machines. Description Two vulnerabilities have been found in HPLIP: The "hpmudgetpml" function in pml.c contains a boundary error which could cause a...
gif2png: Multiple vulnerabilities
Background gif2png converts images from GIF format to PNG format. Description Two vulnerabilities have been found in gif2png: A boundary error in gif2png.c could cause a buffer overflow (CVE-2010-4694). The patch for CVE-2009-5018 causes gif2png to truncate GIF pathnames (CVE-2010-4695). Impact A...
ModPlug: User-assisted execution of arbitrary code
Background ModPlug is a library for playing MOD-like music. Description Multiple vulnerabilities have been found in ModPlug: The ReadS3M method in loads3m.cpp fails to validate user-supplied information, which could cause a stack-based buffer overflow (CVE-2011-1574). The "CSoundFile::ReadWav"...
Audacious Plugins: User-assisted execution of arbitrary code
Background Plugins for the Audacious music player. Description Multiple vulnerabilities have been found in Audacious Plugins: The "CSoundFile::ReadWav" function in loadwav.cpp contains an integer overflow which could cause a heap-based buffer overflow (CVE-2011-2911). The "CSoundFile::ReadS3M"...
cURL: Multiple vulnerabilities
Background cURL is a command line tool for transferring files with URL syntax, supporting numerous protocols. Description Multiple vulnerabilities have been found in cURL: When zlib is enabled, the amount of data sent to an application for automatic decompression is not restricted (CVE-2010-0734)...
Rack: Denial of service
Background Rack is a modular Ruby web server interface. Description Rack does not properly randomize hash functions to protect against hash collision attacks. Impact A remote attacker could send a specially crafted form post, possibly resulting in a Denial of Service condition. Workaround There i...
Puppet: Multiple vulnerabilities
Background Puppet is a system configuration management tool written in Ruby. Description Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact A local attacker could gain elevated privileges, or access and modify arbitrary...