Ubuntu Linux Security Vulnerabilities and Issues — Ubuntu Linux CVE List

Lucene search

CanonicalUbuntu Linux

11 matches found

CVE•added 2010/02/16 7:30 p.m.•114 views

CVE-2009-2950

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decom...

9.3CVSS7.1AI score0.22964EPSS

CVE•added 2010/02/16 7:30 p.m.•111 views

CVE-2009-2949

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.

9.3CVSS6.9AI score0.50178EPSS

CVE•added 2010/02/16 7:30 p.m.•111 views

CVE-2009-3302

filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."

9.3CVSS7AI score0.42759EPSS

CVE•added 2010/02/16 7:30 p.m.•109 views

CVE-2009-3301

Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.

9.3CVSS7AI score0.42759EPSS

CVE•added 2010/02/17 6:30 p.m.•88 views

CVE-2010-0307

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application ...

4.7CVSS5.5AI score0.00131EPSS

CVE•added 2010/02/22 1:0 p.m.•88 views

CVE-2010-0410

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.

4.9CVSS6.1AI score0.00079EPSS

CVE•added 2010/02/22 1:0 p.m.•77 views

CVE-2010-0159

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlock...

10CVSS8.8AI score0.02147EPSS

CVE•added 2010/02/16 7:30 p.m.•70 views

CVE-2010-0136

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

9.3CVSS6.5AI score0.04524EPSS

CVE•added 2010/02/15 6:30 p.m.•64 views

CVE-2010-0623

The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.

4.9CVSS6.2AI score0.00047EPSS

CVE•added 2010/02/18 6:0 p.m.•63 views

CVE-2010-0650

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

2.6CVSS8.2AI score0.01571EPSS

CVE•added 2010/02/02 4:30 p.m.•51 views

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control ...

9.8CVSS9.3AI score0.00836EPSS