10927 matches found
USN-1189-1: Linux kernel vulnerabilities
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...
USN-1184-1: Firefox and Xulrunner vulnerabilities
Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2982 It was discovered that a vulnerability in event...
USN-1192-2: Mozvoikko update
USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Original advisory details: Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privilege...
USN-1192-1: Firefox vulnerabilities
Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...
USN-1191-1: libXfont vulnerability
Tomas Hoger discovered that libXfont incorrectly handled certain malformed compressed fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...
USN-1190-1: DHCP vulnerabilities
David Zych discovered that DHCP incorrectly handled certain malformed packets. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service...
USN-1188-1: eCryptfs vulnerabilities
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation. CVE-2011-1831 Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs...
USN-1187-1: Linux kernel (Maverick backport) vulnerabilities
It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...
USN-1186-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-4073 Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker cou...
USN-1183-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Neil Horman discovered that NFSv4 did not correctly handle...
USN-1182-1: Samba vulnerabilities
Yoshihiro Ishikawa discovered that the Samba Web Administration Tool SWAT was vulnerable to cross-site request forgeries CSRF. If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration...
USN-1181-1: libsoup vulnerability
It was discovered that libsoup did not properly validate its input when processing SoupServer requests. A remote attacker could exploit this to access files via directory traversal...
USN-1180-1: libvirt vulnerability
Eric Blake discovered an integer overflow flaw in libvirt. A remote authenticated attacker could exploit this by sending a crafted VCPU RPC call and cause a denial of service via application crash...
USN-1179-1: ClamAV vulnerability
It was discovered that the hash processing code in libclamav improperly handled messages with certain hashes. This could allow a remote attacker to craft a document that could cause clamav to crash, resulting in a denial of service...
USN-1178-1: IcedTea-Web, OpenJDK 6 vulnerabilities
Omair Majid discovered that an unsigned Web Start application or applet could determine the path to the cache directory used to store downloaded class and jar files by querying class loader properties. This could allow a remote attacker to discover a user's name and home directory path...
USN-1177-1: QEMU vulnerability
Andrew Griffiths discovered that QEMU did not correctly drop privileges when using the 'runas' argument. Under certain circumstances a local attacker could exploit this to escalate privileges...
USN-1176-1: DBus vulnerability
It was discovered that DBus did not properly validate the byte order of messages under certain circumstances. An attacker could exploit this to cause a denial of service via application crash or potentially obtain access to sensitive information...
USN-1175-1: libpng vulnerabilities
Frank Busse discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause libpng to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS, 10.10, and...
USN-1174-1: libsndfile vulnerability
Hossein Lotfi discovered that libsndfile did not properly verify the header length and number of channels for PARIS Audio Format PAF audio files. An attacker could exploit this to cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...
USN-1173-1: FreeType vulnerability
It was discovered that FreeType did not correctly handle certain malformed Type 1 font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...
USN-1172-1: logrotate vulnerabilities
It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. CVE-2011-1098 It was discovered that logrotate incorrectly handled certain...
USN-1171-1: Likewise Open vulnerability
It was discovered that an SQL injection vulnerability exists in the Likewise Security Authority lsass local authentication provider. A local attacker could use this to gain elevated privileges...
USN-1150-1: Thunderbird vulnerabilities
Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under...
USN-1170-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 It was discovered that Xen did not correctly handle certain...
USN-1168-1: Linux kernel vulnerabilities
Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...
USN-1167-1: Linux kernel vulnerabilities
Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...
USN-1161-1: Linux kernel vulnerabilities (EC2)
Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...
USN-1159-1: Linux kernel vulnerabilities (Marvell Dove)
Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...
USN-1169-1: APT vulnerability
William Grant discovered that APT incorrectly validated inline GPG signatures. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...
USN-1166-1: OProfile vulnerabilities
Stephane Chauveau discovered that OProfile did not properly perform input validation when processing arguments to opcontrol. A local user who is allowed to run opcontrol with privileges could exploit this to run arbitrary commands as the privileged user. CVE-2011-1760, CVE-2011-2471 Stephane...
USN-1165-1: QEMU vulnerabilities
Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...
USN-1164-1: Linux kernel vulnerabilities (i.MX51)
Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...
USN-1163-1: Bind vulnerability
It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service...
USN-1149-2: Firefox regression
USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory...
USN-1162-1: Linux kernel vulnerabilities (Marvell Dove)
Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...
USN-1160-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...
USN-1158-1: curl vulnerabilities
Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. CVE-2011-2192 Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount ...
USN-1157-3: Firefox regression
USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem. We apologize for the inconvenienc...
USN-1149-1: Firefox and Xulrunner vulnerabilities
Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under certai...
USN-1157-2: mozvoikko, ubufox, webfav update
USN-1157-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 5. Original advisory details: Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous...
USN-1157-1: Firefox vulnerabilities
Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the...
USN-1156-1: tgt vulnerabilities
It was discovered that tgt incorrectly handled long iSCSI name strings, and invalid PDUs. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 10.10. CVE-2010-2221 Emmanuel Bouillon...
USN-1155-1: NBD vulnerability
It was discovered that NBD incorrectly handled certain long requests. A remote attacker could use this flaw to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-1154-1: OpenJDK 6 vulnerabilities
It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was dicovered that integer overflows in the JPEGImageReader readImage function and the...
USN-1153-1: libxml2 vulnerability
Chris Evans discovered that libxml2 incorrectly handled memory allocation. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program...
USN-1152-1: libvirt vulnerabilities
It was discovered that libvirt did not use thread-safe error reporting. A remote attacker could exploit this to cause a denial of service via application crash. CVE-2011-1486 Eric Blake discovered that libvirt had an off-by-one error which could be used to reopen disk probing and bypass the fix f...
USN-1151-1: Nagios vulnerabilities
Stefan Schurtz discovered than Nagios did not properly sanitize its input when processing certain requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote...
USN-1148-1: libmodplug vulnerabilities
It was discovered that libmodplug did not correctly handle certain malformed S3M media files. If a user or automated system were tricked into opening a crafted S3M file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program...
USN-1147-1: GIMP vulnerability
Nils Philippsen discovered that GIMP incorrectly handled malformed PSP image files. If a user were tricked into opening a specially crafted PSP image file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges...
USN-1146-1: Linux kernel vulnerabilities
Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...