10927 matches found
USN-939-1: X.org vulnerabilities
Loïc Minier discovered that xvfb-run did not correctly keep the X.org session cookie private. A local attacker could gain access to any local sessions started by xvfb-run. Ubuntu 9.10 was not affected. CVE-2009-1573 It was discovered that the X.org server did not correctly handle certain...
USN-938-1: KDENetwork vulnerabilities
It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution. CVE-2010-100...
USN-937-1: TeX Live vulnerabilities
It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and...
USN-936-1: dvipng vulnerability
Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges ...
USN-934-1: Netpbm vulnerability
Marc Schoenefeld discovered a buffer overflow in Netpbm when loading certain images. If a user or automated system were tricked into opening a specially crafted XPM image, a remote attacker could crash Netpbm. The default compiler options for affected releases should reduce the vulnerability to a...
USN-933-1: PostgreSQL vulnerability
It was discovered that PostgreSQL did not properly sanitize its input when using substring with a SELECT statement. A remote authenticated attacker could exploit this to cause a denial of service via application crash...
USN-931-2: FFmpeg regression
USN-931-1 fixed vulnerabilities in FFmpeg. The update introduced a regression when trying to play certain multimedia files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg contained multiple security issues when handling...
USN-929-2: irssi regression
USN-929-1 fixed vulnerabilities in irssi. The upstream changes introduced a regression when using irssi with SSL and an IRC proxy. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that irssi did not perform certificate host validation...
USN-932-1: KDM vulnerability
Sebastian Krahmer discovered a race condition in the KDE Display Manager KDM. A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation...
USN-931-1: FFmpeg vulnerabilities
It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the...
USN-929-1: irssi vulnerabilities
It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. CVE-2010-1155 Aurelien Delaitre discovered that irssi could be...
USN-890-6: CMake vulnerabilities
USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...
USN-928-1: Sudo vulnerability
Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...
USN-927-3: Thunderbird regression
USN-927-1 fixed vulnerabilities in NSS. Due to upstream changes in NSS 3.12.6, Thunderbird would be unable to initialize the security component and connect with SSL/TLS if the old libnss3-0d transition package was installed. This update fixes the problem. We apologize for the inconvenience...
USN-927-2: NSS regression
USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added an additional checksum verification on libnssdbm3.so, but the Ubuntu packaging did not create this checksum. As a result, Firefox could not initialize the security component when the NSS Internal FIPS PKCS 11 Module was enabled. Th...
USN-920-1: Firefox 3.0 and Xulrunner vulnerabilities
Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking...
USN-921-1: Firefox 3.5 and Xulrunner vulnerabilities
Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking...
USN-927-1: NSS vulnerability
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new...
USN-624-2: Erlang vulnerability
USN-624-1 fixed a vulnerability in PCRE. This update provides the corresponding update for Erlang. Original advisory details: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash,...
USN-926-1: ClamAV vulnerabilities
It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file to evade malware detection. CVE-2010-0098 It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attack...
USN-925-1: MoinMoin vulnerabilities
It was discovered that MoinMoin did not properly sanitize its input when processing Despam actions, resulting in cross-site scripting XSS vulnerabilities. If a privileged wiki user were tricked into performing the Despam action on a page with a crafted title, a remote attacker could exploit this ...
USN-924-1: Kerberos vulnerabilities
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...
USN-923-1: OpenJDK vulnerabilities
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. CVE-2009-3555 It was discovered that...
USN-922-1: libnss-db vulnerability
Stephane Chazelas discovered that libnss-db did not correctly set up a database environment. A local attacker could exploit this to read the first line of arbitrary files, leading to a loss of privacy and possibly privilege escalation...
USN-919-1: Emacs vulnerability
Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user's mailbox if it was stored under a group-writable group-"mail" directory...
USN-918-1: Samba vulnerability
It was discovered the Samba handled symlinks in an unexpected way when both "wide links" and "UNIX extensions" were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server...
USN-917-1: Puppet vulnerabilities
It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. CVE-2009-3564 It was discovered that Puppet did not correctly handle temporary files. ...
USN-916-1: Kerberos vulnerabilities
Emmanuel Bouillon discovered that Kerberos did not correctly handle certain message types. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC to crash, leading to a denial of service. CVE-2010-0283 Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz...
USN-915-1: Thunderbird vulnerabilities
Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...
USN-914-1: Linux kernel vulnerabilities
Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. CVE-2010-0307 Marcelo Tosatti discovered that the Linux kernel's hardware virtualization did not...
USN-913-1: libpng vulnerabilities
It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only...
USN-912-1: Audio File Library vulnerability
It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...
USN-911-1: MoinMoin vulnerabilities
It was discovered that several wiki actions and preference settings in MoinMoin were not protected from cross-site request forgery CSRF. If an authenticated user were tricked into visiting a malicious website while logged into MoinMoin, a remote attacker could change the user's configuration or...
USN-909-1: dpkg vulnerability
William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of...
USN-908-1: Apache vulnerabilities
It was discovered that modproxyajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2010-0408 It was discovered that...
USN-907-1: gnome-screensaver vulnerabilities
It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. CVE-2010-0285 It was discovered that gnome-screensaver did not correctly handle keyboard grab when...
USN-906-1: CUPS vulnerabilities
It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2009-3553, CVE-2010-0302...
USN-905-1: sudo vulnerabilities
It was discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation...
USN-904-1: Squid vulnerability
It was discovered that Squid incorrectly handled certain malformed packets received on the HTCP port. A remote attacker could exploit this with a specially-crafted packet and cause Squid to crash, resulting in a denial of service...
USN-903-1: OpenOffice.org vulnerabilities
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 Sebastian Apelt and Frank Reißner discovered that OpenOffice did not correct...
USN-902-1: Pidgin vulnerabilities
Fabian Yamaguchi discovered that Pidgin incorrectly validated all fields of an incoming message in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. CVE-2010-0277 Sadrul Habib Chowdhury discovered that...
USN-890-5: XML-RPC for C and C++ vulnerabilities
USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat...
USN-896-1: Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...
USN-895-1: Firefox 3.0 and Xulrunner 1.9 vulnerabilities
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...
USN-901-1: Squid vulnerabilities
It was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially-crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. CVE-2009-2855 It was...
USN-900-1: Ruby vulnerabilities
Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. CVE-2009-4124 Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not...
USN-899-1: Tomcat vulnerabilities
It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted...
USN-898-1: gnome-screensaver vulnerability
It was discovered that gnome-screensaver did not correctly handle monitor hotplugging. An attacker with physical access could cause gnome-screensaver to crash and gain access to the locked session...
USN-897-1: MySQL vulnerabilities
It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL...
USN-894-1: Linux kernel vulnerabilities
Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could crash the system or gain root privileges. CVE-2009-4020, CVE-2009-4308 It was...