10832 matches found
USN-854-1: GD library vulnerabilities
Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code...
USN-850-3: poppler vulnerabilities
USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10. Original advisory details: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a...
USN-853-1: Firefox and Xulrunner vulnerabilities
Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...
USN-850-2: poppler regression
USN-850-1 fixed vulnerabilities in poppler. The security fix for CVE-2009-3605 introduced a regression that would cause certain applications, such as Okular, to segfault when opening certain PDF files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: I...
USN-852-1: Linux kernel vulnerabilities
Solar Designer discovered that the z90crypt driver did not correctly check capabilities. A local attacker could exploit this to shut down the device, leading to a denial of service. Only affected Ubuntu 6.06. CVE-2009-1883 Michael Buesch discovered that the SGI GRU driver did not correctly check...
USN-851-1: Elinks vulnerabilities
Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs. If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program. CVE-2006-5925...
USN-850-1: poppler vulnerabilities
It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the progra...
USN-849-1: libsndfile vulnerabilities
Tobias Klein discovered a heap-based buffer overflow in libsndfile. If a user or automated system processed a crafted VOC file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-1788...
USN-848-1: Zope vulnerabilities
It was discovered that the Zope Object Database ZODB database server ZEO improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. CVE-2009-0668 It...
USN-847-2: devscripts vulnerability
USN-847-1 fixed vulnerabilities in devscripts. This update provides the corresponding updates for Ubuntu 6.06 LTS. Original advisory details: Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted...
USN-847-1: Devscripts vulnerability
Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program...
USN-846-1: ICU vulnerability
It was discovered that ICU did not properly handle invalid byte sequences during Unicode conversion. If an application using ICU processed crafted data, content security mechanisms could be bypassed, potentially leading to cross-site scripting XSS attacks...
USN-845-1: Pan vulnerability
Pavel Polischouk discovered that Pan incorrectly handled certain data structures. If a user were tricked into viewing malicious nntp data, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...
USN-844-1: mimeTeX vulnerabilities
Chris Evans discovered that mimeTeX incorrectly handled certain long tags. An attacker could exploit this with a crafted mimeTeX expression and cause a denial of service or possibly execute arbitrary code. CVE-2009-1382 Chris Evans discovered that mimeTeX contained certain directives that may be...
USN-842-1: Wget vulnerability
It was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-843-1: BackupPC vulnerability
It was discovered that BackupPC did not restrict normal users from setting the ClientNameAlias parameter. An authenticated user could exploit this to gain access to unauthorized hosts. This update fixed the issue by preventing normal users from modifying the ClientNameAlias configuration paramete...
USN-841-1: GLib vulnerability
Arand Nash discovered that applications linked to GLib e.g. Nautilus did not correctly copy symlinks. If a user copied symlinks with GLib, the symlink target files would become world-writable, allowing local attackers to gain access to potentially sensitive information...
USN-840-1: OpenOffice.org vulnerabilities
Dyon Balding discovered flaws in the way OpenOffice.org handled tables. If a user were tricked into opening a specially crafted Word document, a remote attacker might be able to execute arbitrary code with user privileges. CVE-2009-0200, CVE-2009-0201 A memory overflow flaw was discovered in...
USN-839-1: Samba vulnerabilities
J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated homes share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. CVE-2009-2813 Tim Prouty discovered that the smbd daemon in Samba...
USN-838-1: Dovecot vulnerabilities
It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. CVE-2008-4577 It was discovered that the ManageSieve...
USN-837-1: Newt vulnerability
Miroslav Lichvar discovered that Newt incorrectly handled rendering in a text box. An attacker could exploit this and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...
USN-836-1: WebKit vulnerabilities
It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...
USN-835-1: neon vulnerabilities
Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-834-1: PostgreSQL vulnerabilities
It was discovered that PostgreSQL could be made to unload and reload an already loaded module by using the LOAD command. A remote authenticated attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 6.06 LTS. CVE-2009-3229 Due to an incomplete fix for...
USN-833-1: KDE-Libs vulnerability
It was discovered that KDE did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-832-1: FreeRADIUS vulnerability
It was discovered that FreeRADIUS did not correctly handle certain malformed attributes. A remote attacker could exploit this flaw and cause the FreeRADIUS server to crash, resulting in a denial of service...
USN-831-1: OpenEXR vulnerabilities
Drew Yao discovered several flaws in the way OpenEXR handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...
USN-830-1: OpenSSL vulnerability
Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation...
USN-829-1: Qt vulnerability
It was discovered that Qt did not properly handle certificates with NULL characters in the Subject Alternative Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. CVE-2009-2700...
USN-821-1: Firefox and Xulrunner vulnerabilities
Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-3070,...
USN-828-1: PAM vulnerability
Russell Senior discovered that the system authentication module selection mechanism for PAM did not safely handle an empty selection. If an administrator had specifically removed the default list of modules or failed to chose a module when operating debconf in a very unlikely non-default...
USN-810-3: NSS regression
USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS e.g. Firefox to have an executable stack. This reduced the effectiveness of some defensive security protections. This update...
USN-827-1: Dnsmasq vulnerabilities
IvAin Arce, Pablo HernAin Jorge, Alejandro Pablo Rodriguez, MartAÂn Coco, Alberto SoliAto Testa and Pablo Annetta discovered that Dnsmasq did not properly validate its input when processing TFTP requests for files with long names. A remote attacker could cause a denial of service or execute...
USN-826-1: Mono vulnerabilities
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...
USN-825-1: libvorbis vulnerability
It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could execute arbitrary code with the user's privileges. CVE-2009-2663 USN-682-1 provided...
USN-824-1: PHP vulnerability
It was discovered that PHP did not properly handle certain malformed JPEG images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service...
USN-823-1: KDE-Graphics vulnerabilities
It was discovered that KDE-Graphics did not properly handle certain malformed SVG images. If a user were tricked into opening a specially crafted SVG image, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...
USN-822-1: KDE-Libs vulnerabilities
It was discovered that KDE-Libs did not properly handle certain malformed SVG images. If a user were tricked into opening a specially crafted SVG image, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue...
USN-817-1: Thunderbird vulnerabilities
Several flaws were discovered in the rendering engine of Thunderbird. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird...
USN-820-1: Pidgin vulnerability
Federico Muttis discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges...
USN-809-1: GnuTLS vulnerabilities
Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-802-2: Apache regression
USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when moddeflate is used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...
USN-819-1: Linux kernel vulnerability
Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly initialize certain socket operation function pointers. A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmapminaddr setting were not vulnerable...
USN-818-1: curl vulnerability
Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-816-1: fetchmail vulnerability
Matthias Andree discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-815-1: libxml2 vulnerabilities
It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. CVE-2009-2414 ...
USN-814-1: OpenJDK vulnerabilities
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that JAR bundles would appear signed if only one element w...
USN-813-3: apr-util vulnerability
USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could...
USN-813-2: Apache vulnerability
USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed...
USN-812-1: Subversion vulnerability
Matt Lewis discovered that Subversion did not properly sanitize its input when processing svndiff streams, leading to various integer and heap overflows. If a user or automated system processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code ...