10832 matches found
USN-765-1: Firefox and Xulrunner vulnerabilities
It was discovered that the upstream security fixes in USN-764-1 introduced a regression which could cause the browser to crash. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the...
USN-761-2: PHP vulnerabilities
USN-761-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: It was discovered that PHP did not sanitize certain error messages when displayerrors is enabled, which could result in browsers becoming vulnerable to cross-site...
USN-767-1: FreeType vulnerability
Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges...
USN-766-1: acpid vulnerability
It was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service...
USN-764-1: Firefox and Xulrunner vulnerabilities
Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-1302, CVE-2009-1303, CVE-2009-1304,...
USN-762-1: APT vulnerabilities
Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become...
USN-763-1: xine-lib vulnerabilities
It was discovered that the QT demuxer in xine-lib did not correctly handle a large count value in an STTS atom, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user...
USN-761-1: PHP vulnerabilities
It was discovered that PHP did not sanitize certain error messages when displayerrors is enabled, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server...
USN-760-1: CUPS vulnerability
It was discovered that CUPS did not properly check the height of TIFF images. If a user or automated system were tricked into opening a crafted TIFF image file, a remote attacker could cause a denial of service or possibly execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and...
USN-759-1: poppler vulnerabilities
Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that poppler contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privilege...
USN-758-1: udev vulnerabilities
Sebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. CVE-2009-1185 Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local...
USN-757-1: Ghostscript vulnerabilities
It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program...
USN-756-1: ClamAV vulnerability
It was discovered that ClamAV did not properly verify buffers when processing Upack files. A remote attacker could send a crafted file and cause a denial of service via application crash...
USN-755-1: Kerberos vulnerabilities
Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service...
USN-754-1: ClamAV vulnerabilities
It was discovered that ClamAV did not properly verify its input when processing TAR archives. A remote attacker could send a specially crafted TAR file and cause a denial of service via infinite loop. CVE-2009-1270 It was discovered that ClamAV did not properly validate Portable Executable PE...
USN-752-1: Linux kernel vulnerabilities
NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. CVE-2008-4307 Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a...
USN-753-1: PostgreSQL vulnerability
It was discovered that PostgreSQL did not properly handle encoding conversion failures. An attacker could exploit this by sending specially crafted requests to PostgreSQL, leading to a denial of service...
USN-751-1: Linux kernel vulnerabilities
NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. CVE-2008-4307 Sparc syscalls did not correctly check mmap regions. A local attacker could cause a...
USN-750-1: OpenSSL vulnerability
It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in...
USN-749-1: libsndfile vulnerability
It was discovered that libsndfile did not correctly handle description chunks in CAF audio files. If a user or automated system were tricked into opening a specially crafted CAF audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program...
USN-745-1: Firefox and Xulrunner vulnerabilities
It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubunt...
USN-748-1: OpenJDK vulnerabilities
It was discovered that font creation could leak temporary files. If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service. CVE-2006-2426, CVE-2009-1100 It was discovered that the lightweight HttpServer did not...
USN-746-1: xine-lib vulnerability
It was discovered that the 4xm demuxer in xine-lib did not correctly handle a large currenttrack value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute...
USN-747-1: ICU vulnerability
It was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed...
USN-744-1: LittleCMS vulnerabilities
Chris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. CVE-2009-0581 Chris Evans...
USN-743-1: Ghostscript vulnerabilities
It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invokin...
USN-741-1: Thunderbird vulnerabilities
Several flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2009-0352 Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had...
USN-742-1: JasPer vulnerabilities
It was discovered that JasPer did not correctly handle memory allocation when parsing certain malformed JPEG2000 images. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrar...
USN-740-1: NSS vulnerability
The MD5 algorithm is known not to be collision resistant. This update blocklists the proof of concept rogue certificate authority as discussed in http://www.win.tue.nl/hashclash/rogue-ca/...
USN-739-1: Amarok vulnerabilities
It was discovered that Amarok did not correctly handle certain malformed tags in Audible Audio .aa files. If a user were tricked into opening a crafted Audible Audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program...
USN-734-1: FFmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media OGM files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. CVE-2008-4610 It was discovered that FFmpeg di...
USN-738-1: GLib vulnerability
Diego Petteno discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program...
USN-737-1: libsoup vulnerability
It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges...
USN-736-1: GStreamer Good Plugins vulnerabilities
It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample ctts atom data in Quicktime mov movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the...
USN-735-1: GStreamer Base Plugins vulnerability
It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges...
USN-733-1: evolution-data-server vulnerability
It was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user...
USN-731-1: Apache vulnerabilities
It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a...
USN-732-1: dash vulnerability
Wolfgang M. Reimer discovered that dash, when invoked as a login shell, would source .profile files from the current directory. Local users may be able to bypass security restrictions and gain root privileges by placing specially crafted .profile files where they might get sourced by other dash...
USN-730-1: libpng vulnerabilities
It was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. CVE-2007-5268, CVE-2007-5269 Tavis...
USN-728-3: Firefox vulnerabilities
Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...
USN-728-2: Firefox vulnerabilities
Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...
USN-728-1: Firefox and Xulrunner vulnerabilities
Glenn Randers-Pehrson discovered that the embedded libpng in Firefox did not properly initialize pointers. If a user were tricked into viewing a malicious website with a crafted PNG file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of t...
USN-729-1: Python Crypto vulnerability
Mike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to ...
USN-726-2: curl regression
USN-726-1 fixed a vulnerability in curl. Due to an incomplete fix, a regression was introduced in Ubuntu 8.10 that caused certain types of URLs to fail. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that curl did not enforce any...
USN-727-1: network-manager-applet vulnerabilities
It was discovered that network-manager-applet did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view other users' network connection passwords and pre-shared keys. CVE-2009-0365 It was discovered that network-manager-applet did not...
USN-727-2: NetworkManager vulnerability
USN-727-1 fixed vulnerabilities in network-manager-applet. This advisory provides the corresponding updates for NetworkManager. It was discovered that NetworkManager did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view system and...
USN-726-1: curl vulnerability
It was discovered that curl did not enforce any restrictions when following URL redirects. If a user or automated system were tricked into opening a URL to an untrusted server, an attacker could use redirects to gain access to abitrary files. This update changes curl behavior to prevent following...
USN-725-1: KMail vulnerability
It was discovered that Kmail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This upda...
USN-724-1: Squid vulnerability
Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service assertion failure...
USN-723-1: Git vulnerabilities
It was discovered that Git did not properly handle long file paths. If a user were tricked into performing commands on a specially crafted Git repository, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-3546 It was discovered that t...