Download
| Alert*
|
oval:org.secpod.oval:def:302813
A vulnerability has been found and corrected in cyrus-imapd: The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service via a crafted References header in an e-mail message . The upda ... oval:org.secpod.oval:def:302820 A vulnerability has been found and corrected in fcgi: The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. The update ... oval:org.secpod.oval:def:301113 Multiple vulnerabilities has been discovered and corrected in cyrus-imapd: Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command . Secunia ... oval:org.secpod.oval:def:300087 A vulnerability has been found and corrected in lvm2: The cluster logical volume manager daemon in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial ... oval:org.secpod.oval:def:301070 A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font in a document . The updated packages have been patched to correct these issues. oval:org.secpod.oval:def:300386 A vulnerability has been found and corrected in opensc: Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to card-acos5.c, card-atrust-acos.c, and ... oval:org.secpod.oval:def:300279 A vulnerability has been found and corrected in gv: GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file . This update provides gv 3.7.1, which is not vulnerable to this issue. oval:org.secpod.oval:def:301126 A vulnerability has been found and corrected in proftpd: Heap-based buffer overflow in the sql_prepare_where function in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted username containing substi ... oval:org.secpod.oval:def:300276 A vulnerability has been found and corrected in okular : A specially crafted PDF or PS file could cause okular to crash or execute arbitrary code . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301128 Multiple vulnerabilities has been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arb ... oval:org.secpod.oval:def:300390 A vulnerability has been found and corrected in gif2png: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png . Buffer overflow ... oval:org.secpod.oval:def:300160 A buffer overflow was discovered in libsmi when long OID was given in numerical form. This could lead to arbitraty code execution . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300186 A vulnerability has been found and corrected in ghostscript: Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of th ... oval:org.secpod.oval:def:301046 A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwr ... oval:org.secpod.oval:def:300413 A vulnerability has been found and corrected in tomboy: The tomboy and tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. N ... oval:org.secpod.oval:def:300312 A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301008 Multiple vulnerabilities has been found and corrected in python-feedparser: Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas . feedparser.py in Universal ... oval:org.secpod.oval:def:301036 A vulnerability was discovered and corrected in webmin: Cross-site scripting vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real field, related to useradmin/index.cgi and useradmin/user-lib.pl . Packages for 2 ... oval:org.secpod.oval:def:300440 A vulnerability has been found and corrected in gdm: GNOME Display Manager 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a dmrc or face icon file under /var/cache/gdm/ . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301055 A vulnerability has been discovered and corrected in foomatic-filters: foomatic-rip allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300423 This is a bugfix release that upgrades firefox to the latest version due to issues where some Java applets would fail to load. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300439 It was discovered that gwenhywfar was using an old private copy of the ca-bundle.crt file containing the root CA certs, this has now been resolved so that it uses the system wide and up to date /etc/pki/tls/certs/ca-bundle.crt file last updated with the MDVSA-2011:068 advisory. Packages for 2009.0 a ... oval:org.secpod.oval:def:300444 It was discovered that the QT packages were affected by the fraudalent certificates problem as well, the same issue as with firefox . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300441 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information such ... oval:org.secpod.oval:def:300114 The install of mailman failed because of a problem in the rpm scripts, additionally the logrotation script was fixed. oval:org.secpod.oval:def:300234 A dependency problem with the postgresql packages was discovered which under certain circumstances prevented a smooth upgrade. This advisory addresses this problem. oval:org.secpod.oval:def:300127 A bug in the integration with CUPS causes programs that rely on xulrunner to crash when trying to print . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300406 This is a maintenance and bugfix release that upgrades mysql to the latest 5.0 and 5.1 versions which solves numerous upstream bugs. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301097 This is a maintenance and bugfix release that upgrades php to the latest 5.2 and 5.3 versions which solves numerous upstream bugs. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300379 This is a bugfix and maintenance advisory that upgrades pidgin to the latest version that addresses various issues with upstream service providers . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301110 Security issues were identified and fixed in mozilla firefox and thunderbird: As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certif ... oval:org.secpod.oval:def:300037 This is a maintenance and bugfix release of firefox that upgrades firefox to the 3.6.12 version and adds missing localization packages for the Georgian, Kurdish, Occitan and Serbian languages. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300046 A bug it the NSS source rpm package did not pull in the latest and required version of NSPR when building NSS . Additionally the rootcerts package was updated with the latest certdata.txt file from the mozilla cvs and is also provided with this advisory. oval:org.secpod.oval:def:301010 The TCL extension for sqlite3 was not provided with the the MDVSA-2011:079 advisory. This advisory addresses the problem and provides the missing packages. oval:org.secpod.oval:def:300171 This is a maintenance and bugfix release of sudo which upgrades sudo to the latest 1.7.4p4 version. oval:org.secpod.oval:def:301057 Security issues were identified and fixed in mozilla firefox and thunderbird: Google Chrome user alibo encountered an active man in the middle attack on secure SSL connections to Google servers. The fraudulent certificate was mis-issued by DigiNotar, a Dutch Certificate Authority. DigiNotar has rep ... oval:org.secpod.oval:def:301053 This is maintenance release that upgrades ISC BIND to the 9.7.4 version that addresses a lot of upstream bugs and fixes. oval:org.secpod.oval:def:300428 Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sendin ... oval:org.secpod.oval:def:302865 Multiple vulnerabilities has been found and corrected in libzip: libzip uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files . libzip has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a ... oval:org.secpod.oval:def:300053 Multiple vulnerabilities has been found and corrected in cabextract: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service via a malformed MSZIP archive in a .cab file during a test or extract action, related to the libmspack library . Integer signedn ... oval:org.secpod.oval:def:300172 A vulnerability has been found and corrected in libgdiplus: Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; a crafted JPEG file, related to the gdip_load ... oval:org.secpod.oval:def:301035 Multiple vulnerabilities were discovered and corrected in fetchmail: fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service via a crafted message header or POP3 ... oval:org.secpod.oval:def:300199 A vulnerability has been found and corrected in libglpng: Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to the pngLoadRawF function and the pngLoadF function, leading to heap-based buffer overflows . ... oval:org.secpod.oval:def:300372 This is a maintenance release of mozilla firefox and thunderbird that upgrades firefox to 3.6.10 and thunderbird to 3.0.8. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300301 It was discovered that the gjs packages wasn"t rebuilt for the latest xulrunner version, this advisory fixes the problem. oval:org.secpod.oval:def:300304 If the fonts required by libXt are not present, a lot of time is spent looking for them, which makes simple apps like xmessage and xcalc take almost 10 seconds to start on systems with a lot of fonts. This update makes the application startup time go back to normal. oval:org.secpod.oval:def:300311 This is a bugfix and maintenance update bundle that addresses various issues in a number of packages. * Some thread-related problems were found in the libalsa2 library that could cause segmentation faults in some audio applications . The updated libalsa2 package contains an upstream fix to correct t ... oval:org.secpod.oval:def:300319 This update provides the latest stable wine. MDV2010.1 provided a release candidate of wine . This update pushes all the fixes accumulated between 1.2.0-rc4 and final 1.2.0 oval:org.secpod.oval:def:300203 It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow . For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability. oval:org.secpod.oval:def:300207 Users who have migrated from gnote to tomboy and use online note syncing could lose their notes. This update fixes the note parsing to prevent data loss. oval:org.secpod.oval:def:300228 The gkrellm package shipped in 2010.0 and 2010.1 was build without libsensor support, preventing the usage of hardware sensors in some cases, as reported in bug #55400. oval:org.secpod.oval:def:300356 The cross-desktop screensaver tool was missing a dependency on the xset tool. This update adds it. oval:org.secpod.oval:def:300236 This update fixes several major issues in perl-URPM: - it fixes a crash in rpmdrake - it fixes a segfault in rpmdrake & urpmi on 32bit machines oval:org.secpod.oval:def:300354 The gpg-agent has a problem making it stop to work after 1 minute or even not start at all. This update has fixes for this problems. oval:org.secpod.oval:def:300231 This update fixes a bug in rpmdrake where it would crashes when clicking on details . oval:org.secpod.oval:def:300126 It was discovered the mozilla-thunderbird-beagle packages wasn"t built against the latest mozilla-thunderbird 3.0.8. The fixed packages addresses this problem. oval:org.secpod.oval:def:300120 This is maintenance and bugfix release bringing php-xdebug-2.1.0 that addreses some php-5.3.x specific issues. Update: Updated packages for Mandriva Linux 2010.1 is also provided. oval:org.secpod.oval:def:300007 Mandriva Linux 2010.1 is installed oval:org.secpod.oval:def:302904 A vulnerability has been discovered and corrected in tomcat5: Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service via a request that contains many parameters and ... oval:org.secpod.oval:def:302903 A vulnerability has been discovered and corrected in acpid: acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service via a crafted application that performs ... oval:org.secpod.oval:def:302901 Xorg and chvt 1 call can be deadlocking one another if shutdown is requested using ACPI , which will cause X to stop while, at the same time, /etc/rc.d/rc0/6 is running, causing chvt 1 to be called. When this happen, chvt call is blocked and shutdown / reboot doesn't happen. You need to press ... oval:org.secpod.oval:def:302919 Security issues were identified and fixed in mozilla firefox and thunderbird: Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 ... oval:org.secpod.oval:def:302918 A vulnerability has been discovered and corrected in rsyslog: An integer signedness error, leading to heap based buffer overflow was found in the way the imfile module of rsyslog, an enhanced system logging and kernel message trapping daemon, processed text files larger than 64 KB. When the imfile r ... oval:org.secpod.oval:def:300405 This updates the version of lsb_release to 2010.2, fixes also an issues related to path. oval:org.secpod.oval:def:301063 The hostapd package contains a very old configuration file, so many new features including IEEE 802.11n support are disabled. oval:org.secpod.oval:def:301075 The default configuration options for ISC BIND uses DNSSEC per default which under certain circumstances can result in huge latencies due to the overhead of trying to validate each lookup, and everytime. This has now been disabled in the configuration file for performance reasons but can easily be ... oval:org.secpod.oval:def:301190 Openssl.cnf as shipped with Mandriva Linux 2010.1 has a typo in default locality name, this update fixes the issue. oval:org.secpod.oval:def:301088 A regression was found with php-apc-3.1.9 and with php-5.3.8. The updates packages has been patched to corrrect this issue. oval:org.secpod.oval:def:301086 This is a maintenance and bugfix release that upgrades mysql to the latest 5.1 version which solves numerous upstream bugs. The updated packages have been upgraded to mysql 5.1.60. oval:org.secpod.oval:def:301085 This is a bugfix and maintenance release that upgrades nspluginwrapper to the latest version which provides numerous fixes for firefox 3.6 and later. oval:org.secpod.oval:def:301084 An error has been found in libmsn library used by Kopete Instant Messaging Application, in the way SOAP redirects where handled which was preventing Windows Live Messenger users from logging into their accounts. The updated package have been patched to correct this issue. Update: Packages for 2010.2 ... oval:org.secpod.oval:def:301082 It was discovered that kmail crashed sometimes when deleting mail due to a broken patch for nepomuk support. The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301096 This is a bugfix and maintenance update of the psmisc package that addresses the following issue: * Fixed bug with fuser is returning an incorrect return value when using -s option Update: Packages for 2010.2 is also being provided. oval:org.secpod.oval:def:301092 Timezone is a package that contains data files with rules for various timezones around the world. In autumn 2011 Russia, Belarus and Ukraine drop transition on winter time. Palestine suspends DST during Ramadan in 2011. Gaza and West Bank split in 2011. West Bank is tracked in the timezone Asia/Hebr ... oval:org.secpod.oval:def:300015 nautilus-sendto would crash on startup. This update was rebuilt with the right linking flags corrects the problem. oval:org.secpod.oval:def:300013 This update fixes a wrong notice message for updates regarding the reports of supported and unsupported packages . oval:org.secpod.oval:def:301103 Timezone is a package that contains data files with rules for various timezones around the world. This update addresses the following changes: - Fiji adopts DST for 2011 - West Bank changes date for DST end in 2011 to Sep 30th - Fix DST for: Pridnestrovian Moldavian Republic, Ukraine, Bahia and Bra ... oval:org.secpod.oval:def:300135 Due to a bug in the keychain package the "--noask" option wasn"t always used, this caused the Qt4 ssh-askpass dialogue to get loaded before a window manager was fully-started, preventing the user from entering the passphrase as the dialogue never gets focus without a window manager running. This upd ... oval:org.secpod.oval:def:300256 It was discovered that the mysql server was built without partitioning support. This advisory adds partitioning support to the mysql server. oval:org.secpod.oval:def:301102 In all recent Mandriva releases hpijs driver does not work because PPD files contain a link to foomatic-rip-hplip filter that is not installed. oval:org.secpod.oval:def:300374 The translations for the default download directory was missing for several languages. This update adds the missing translations. oval:org.secpod.oval:def:300375 Various packages of old unix utilities available in mandriva used to be paralleously installable, though usage of setup-alternative utility. In 2010.1, the MIT-kerberized versions from krb5-appl package ceased to use this setup, for sake of simplicity, and was made conflicting with other packages. ... oval:org.secpod.oval:def:301109 On Mandriva Linux 2010.2 we provided the old openssl 0.9.8 library but without a source RPM file. This could pose a security risk for third party commercial applications that still uses the older OpenSSL library, therefore the latest stable openssl 0.9.8r library is being provided. oval:org.secpod.oval:def:300268 The version of cairo shipped with Mandriva 2010.1 prevented several PDF viewers from working. This updates cairo to the newest version to fix these problems. oval:org.secpod.oval:def:300145 libgpod as shipped with Mandriva 2010.1 does not have support for HAL, the Hardware Abstraction Layer anymore. This is still needed for iPod support in KDE, so the update reenables HAL support. oval:org.secpod.oval:def:300021 Due to a typo in the boost package in Mandriva 2010.1 some files in the libboost-static-devel were symlinked wrongly, this update fixes this issue. oval:org.secpod.oval:def:300029 A problem has been discovered with cyrus-imapd 2.3.15 on Mandriva 2010 Spring, in handling the IMAP COMPRESS option. Cyrus imapd 2.3.15 implements the IMAP COMPRESS option, in order to compress data between the imap server and clients that support this option, eg. Thunderbird 3. A problem has been d ... oval:org.secpod.oval:def:300381 This update provides a visual refresh for packages artwork to mark the Mandriva 2010.2 release. oval:org.secpod.oval:def:301005 This advisory updates perl-URPM package to a version compatible with disttag and rpm5 features. This update is mandatory to be able to update to Mandriva 2011 version via online update. oval:org.secpod.oval:def:300277 Thus is a bug and maintenance release of snort that fixes numerous of issues such as: * Fix installer packages to include correct version of sensitive data preprocessor for linux and Windows * Eliminate false positives when using fast_pattern:only and having only one http content in the pattern matc ... oval:org.secpod.oval:def:300034 Due to a bug in PCManFM, when using the detailed-list view users could only enter a folder once, double clicking any other folder wouldn"t work. This update fixes this issue by patching exo, which is bundled with PCManFM, to make treeview work with GTK > 2.18 oval:org.secpod.oval:def:300155 This updates fixes two major bugs: - applog subcription/unsubscription needed to get a thread safe usage of applog were buggy and not thread safe themselves. - disabling slog usage form printout level > error was not respected. oval:org.secpod.oval:def:301122 The network icon doesn't report the network status correctly with a kernel > 2.6.38. oval:org.secpod.oval:def:300032 Normal users lacks permission to change their own personal information on kolab web interface, this update fixes this issue. oval:org.secpod.oval:def:300395 The previous advisory MDVA-2011:000 updated openoffice.org to 3.2.1 but didn't include a rebuilt openoffice.org-voikko, thus preventing installation of the update when the openoffice.org Finnish language package is installed. This advisory fixes the issue by providing the missing packages. oval:org.secpod.oval:def:301120 In mdv 2010.1 we provided kde 4.4.3 ,this update provides kde 4.4.5 and Qt 4.6.3, which fixed several bugs in kde/qt. oval:org.secpod.oval:def:300392 This is a bugfix and maintenance advisory that upgrades OpenOffice.org to the 3.2.1 version. Additionally a couple of Mandriva reported bugs has been fixed as described as follows: Openoffice.org status bar items got hidden whenever using openoffice.org-kde4 package integration. Viewing OpenOffice.o ... oval:org.secpod.oval:def:301016 ffmpeg as shipped in Mandriva 2010.2 was built without PNG support. This update enables PNG in ffmpeg's libavcodec library. oval:org.secpod.oval:def:301136 Gnucash would crash on startup for users who had updated from 2010.0 to 2010.1 as the slib package was not updated properly. This update is the correct build of slib for Mandriva 2010.1. oval:org.secpod.oval:def:300161 This update: - fixes bug related to loading png files after upgrading GTK in distro upgrade; - Adds the mdkapplet restart feature to mdkapplet-upgrade-helper, triggered after a successful upgrade . oval:org.secpod.oval:def:301130 This is a bugfix and maintenance update of the python package that addresses the following issue: sys.plaform should return the name of the platform where the python binary had been built. It usually returns 'linux2'. However since the kernel has increased its major number to 3, bu ... oval:org.secpod.oval:def:301146 A dependency flaw in the openssl packages could under certain circumstances prevent the engines sub package from being upgraded. This update fixes this issue. oval:org.secpod.oval:def:300052 The evtouch Xorg driver was not working because its ABI was too old. The new version contains the necessary ABI updates, so the driver can now work correctly. oval:org.secpod.oval:def:300291 The rpmstats package in 2010.0 updates had a higher release number than the one for 2010.1. This advisory corrects the problem. oval:org.secpod.oval:def:300185 Gthumb would crash for users of Nvidia graphic cards. This is a new version that contains a fix for the crash. oval:org.secpod.oval:def:301033 This advisory updates wireshark to the latest version , fixing several security issues: * Large/infinite loop in the DICOM dissector. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. * Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary fi ... oval:org.secpod.oval:def:301151 Due to bug in nss_updatedb package old BDB transaction logs were not removed from /var/lib/misc directory, possibly filling the /var filesystem. The fixed package corrects this bug, and will also remove all leftover transaction logs from the system. oval:org.secpod.oval:def:301043 This is a maintenance and bugfix release that upgrades mysql to the latest 5.1 version which solves numerous upstream bugs. The updated packages have been upgraded to mysql 5.1.58. oval:org.secpod.oval:def:301163 Evolution would sometimes crash when you view and close messages quickly, while the preview panel is disabled. This updates Evolution to the latest version that prevents this problem. oval:org.secpod.oval:def:300089 This advisory fixes the gpg keys parsing, which were resulting in some warnings . oval:org.secpod.oval:def:300083 * Some applications that use libXaw were printing error messages when started. Their appearance was also slightly different from the expected. This update stops the error messages and fixes their appearance. * The libXaw package had a poor description. This updates improves the package description a ... oval:org.secpod.oval:def:301050 This package updates hplip to the latest version, bringing a lot of bugfixes. oval:org.secpod.oval:def:302905 A vulnerability has been discovered and corrected in nut: Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service via a long string containing non-printable characters . T ... oval:org.secpod.oval:def:302910 Multiple vulnerabilities has been discovered and corrected in postgresql: Fix incorrect password transformation in contrib/pgcrypto's DES crypt function . If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than i ... oval:org.secpod.oval:def:302908 Multiple vulnerabilities has been identified and fixed in php: There is a programming error in the DES implementation used in crypt in ext/standard/crypt_freesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only ... oval:org.secpod.oval:def:302907 A vulnerability was discovered and corrected in bind: ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial ... oval:org.secpod.oval:def:300132 A vulnerability was discovered and corrected in freeciv: freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the os, io, package, dofile, loadfile, loadlib, module, and r ... oval:org.secpod.oval:def:301031 A vulnerability has been identified and fixed in rdesktop: Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. in a pathname . Packages for 2009.0 ... oval:org.secpod.oval:def:300303 A vulnerability has been found and corrected in sudo: Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a -u root sequence . The upda ... oval:org.secpod.oval:def:300071 A vulnerability has been found and corrected in vte: The vte_sequence_handler_window_manipulation function in vteseq.c in libvte in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain pot ... oval:org.secpod.oval:def:300274 A vulnerability has been found and corrected in squid: The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service via a crafted request . Packages for 2008.0 and 2009.0 are provided as of the Extended Maintena ... oval:org.secpod.oval:def:300183 A vulnerability has been found in Qt Creator 2.0.0 and previous versions. The vulnerability occurs because of an insecure manipulation of a Unix environment variable by the qtcreator shell script. It manifests by causing Qt or Qt Creator to attempt to load certain library names from the current work ... oval:org.secpod.oval:def:300412 A vulnerability has been found and corrected in banshee: The banshee-1 and muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . Packa ... oval:org.secpod.oval:def:300048 A vulnerability was discovered and corrected in gnucash: gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . The affected /usr/bin/gnc-t ... oval:org.secpod.oval:def:300346 A vulnerability was discovered and corrected in git : A cross-site scripting vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302854 A vulnerability has been found and corrected in libvpx: VP8 Codec SDK before 1.0.0 Duclair allows remote attackers to cause a denial of service via unspecified corrupt input or by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in ... oval:org.secpod.oval:def:302876 A vulnerability has been found and corrected in mutt: Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than ... oval:org.secpod.oval:def:302889 A vulnerability has been found and corrected in libvpx: VP8 Codec SDK before 1.0.0 Duclair allows remote attackers to cause a denial of service via unspecified corrupt input or by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in ... oval:org.secpod.oval:def:300355 A vulnerability was discovered and corrected in ISC dhcp: ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address fiel ... oval:org.secpod.oval:def:300407 A vulnerability has been found and corrected in dhcp: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service by sending a message over IPv6 for a declined and abandoned addre ... oval:org.secpod.oval:def:300403 Multiple vulnerabilities were discovered and corrected in krb5: The MIT krb5 KDC database propagation daemon is vulnerable to a denial-of-service attack triggered by invalid network input. If a kpropd worker process receives invalid input that causes it to exit with an abnormal status, it can cause ... oval:org.secpod.oval:def:301104 Multiple vulnerabilities has been found and corrected in krb5: The krb5_ldap_lockout_audit function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via unspecified vector ... oval:org.secpod.oval:def:301002 A vulnerability has been found and corrected in krb5: The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service via ... oval:org.secpod.oval:def:300397 A vulnerability has been found and corrected in dhcp: ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp proc ... oval:org.secpod.oval:def:300271 A vulnerability was discovered and corrected in krb5: The merge_authdata function in kdc_authdata.c in the Key Distribution Center in MIT Kerberos 5 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service , or ... oval:org.secpod.oval:def:300393 Multiple vulnerabilities has been found and corrected in evince: Array index error in the PK and VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font in conjunction with a DV ... oval:org.secpod.oval:def:301023 A denial-of-service attack related to glob brace expansion was discovered and fixed in pure-ftpd . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301029 A vulnerability has been identified and fixed in dovecot: lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service via a crafted e-m ... oval:org.secpod.oval:def:300198 A vulnerability has been found and corrected in perl-libwww-perl: lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . character, which allows remote servers to create or overwrite files via a 3xx redirect to a URL with a crafted filename or a Conten ... oval:org.secpod.oval:def:300088 Multiple vulnerabilities were discovered and corrected in poppler: The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference . The PostScriptFunction::PostScriptFunctio ... oval:org.secpod.oval:def:302900 Multiple vulnerabilities has been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use ncpmount to append to the /etc/mtab file and ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigge ... oval:org.secpod.oval:def:301076 A vulnerability has been discovered and corrected in nfs-utils: It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab file. A local attacker could use this flaw to corrupt the mtab file . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300133 A vulnerability was discovered and corrected in mono: Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory . Packages for 2009.0 are provided as of the Extended Mainte ... oval:org.secpod.oval:def:300389 A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2 ... oval:org.secpod.oval:def:300385 Multiple vulnerabilities has been found and corrected in mysql: storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service by modifying the innodb_file_format or innodb_file_per_table configuration parameters for the InnoD ... oval:org.secpod.oval:def:301123 A vulnerability has been discovered and corrected in libcap: capsh did not chdir after callling chroot. Programs could therefore access the current directory outside of the chroot . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300031 Multiple vulnerabilities was discovered and corrected in dovecot: Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing ... oval:org.secpod.oval:def:301027 A vulnerability has been identified and fixed in cyrus-imapd: The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed a ... oval:org.secpod.oval:def:301020 A vulnerability has been found and corrected in perl: The lc, lcfirst, uc, and ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent ... oval:org.secpod.oval:def:300410 Multiple vulnerabilities has been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery attacks via for ... oval:org.secpod.oval:def:302809 A vulnerability has been found and corrected in libsoup: Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e in a URI . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302791 A vulnerability has been found and corrected in nginx: Specially crafted backend response could result in sensitive information leak . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300281 Multiple vulnerabilities were discovered and corrected in bind: named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attack ... oval:org.secpod.oval:def:300445 A vulnerability has been found and corrected in ISC DHCP: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message . Add ... oval:org.secpod.oval:def:301004 A vulnerability has been found and corrected in xrdb: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP or XDMCP message . Packages for 2009.0 are provided as of the Extended Ma ... oval:org.secpod.oval:def:301052 Multiple vulnerabilities has been discovered and corrected in dhcp: The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service via a crafted DHCP packet . The server in ISC DHCP 3.x and 4.x before 4. ... oval:org.secpod.oval:def:300394 A vulnerability has been found and corrected in libuser: libuser before 0.57 uses a cleartext password value of !! or x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values . Packages for 2009.0 are provided as of the Extended Ma ... oval:org.secpod.oval:def:300168 Multiple vulnerabilities has been found and corrected in libesmtp: libESMTP, probably 1.0.4 and earlier, does not properly handle a \"\0\" character in a domain name in the subject"s Common Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers ... oval:org.secpod.oval:def:301021 A vulnerability has been found and corrected in perl-IO-Socket-SSL: IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate re ... oval:org.secpod.oval:def:301114 A vulnerability was discovered and fixed in proftpd: Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer . The updated packages have been upgraded t ... oval:org.secpod.oval:def:301014 A vulnerability has been found and corrected in polkit: A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pk ... oval:org.secpod.oval:def:301132 A vulnerability was discovered and corrected in automake: The dist or distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions to directories in the build ... oval:org.secpod.oval:def:300195 Security issues were identified and fixed in firefox and mozilla-thinderbird: Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, w ... oval:org.secpod.oval:def:300258 Security issues were identified and fixed in mozilla-thunderbird: Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system"s font implementati ... oval:org.secpod.oval:def:300296 Security issues were identified and fixed in firefox: Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by th ... oval:org.secpod.oval:def:300328 A security issue was identified and fixed in mozilla-thunderbird: Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by ... oval:org.secpod.oval:def:300221 A vulnerability was discovered and corrected in xulrunner: Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Be ... oval:org.secpod.oval:def:300079 Security issues were identified and fixed in mozilla-thunderbird: The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral mo ... oval:org.secpod.oval:def:300075 Security issues were identified and fixed in firefox: Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject"s Common Name field of an X.509 certificate, which might allow man-i ... oval:org.secpod.oval:def:301149 Ovidiu Mara reported a vulnerability in ping.c that could cause ping to hang when responding to a malicious echo reply . The updated packages have been patched to correct these issues. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300420 A buffer overflow was discovered in libtiff which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with CCITT Group 4 encoding . Additionally it was discovered that the fixes for CVE-2009-2347 and CVE-2010-2065 were incomplete for Mandriva Linu ... oval:org.secpod.oval:def:300310 This advisory updates wireshark to the latest version , fixing one security issue: Heap-based buffer overflow in the dissect_ldss_transfer function in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service and possibly exec ... oval:org.secpod.oval:def:300401 A vulnerability has been found and corrected in wireshark: Buffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding compression . The update ... oval:org.secpod.oval:def:301040 A vulnerability was discovered and corrected in bind: Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service via a crafted UPDATE request . Packages for 2009.0 are provided as of the E ... oval:org.secpod.oval:def:302899 Multiple vulnerabilities has been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a proce ... oval:org.secpod.oval:def:302816 Multiple flaws were found in FreeType. Specially crafted files could cause application crashes or potentially execute arbitrary code . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300425 A vulnerability was discovered and corrected in vsftpd: The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-20 ... oval:org.secpod.oval:def:301100 A vulnerability has been discovered and corrected in systemtap: SystemTap 1.4 and earlier, when unprivileged mode is enabled, allows local users to cause a denial of service via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variab ... oval:org.secpod.oval:def:301047 A vulnerability was discovered and corrected in libsndfile: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the libsndfile library processed certain Ensoniq PARIS Audio Format audio files. An attacker could create a specially-crafted PAF file that, when opene ... oval:org.secpod.oval:def:301003 A vulnerability has been found and corrected in libtiff: The libtiff OJPEG decoder contains a heap buffer overflow when decoding certain malformed data . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301011 This advisory updates wireshark to the latest version , fixing several security issues: The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service via a crafted .pcap ... oval:org.secpod.oval:def:300442 A vulnerability has been found and corrected in kdelibs4: kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL ser ... oval:org.secpod.oval:def:301001 A vulnerability has been found and corrected in kdelibs4: Cross-site scripting vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to a ... oval:org.secpod.oval:def:300433 A vulnerability wase discovered and corrected in rsync: rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service or possibly execute arbitrary code via malformed data . Packages for 2009.0 are provided as of t ... oval:org.secpod.oval:def:300432 Multiple vulnerabilities were discovered and corrected in logrotate: Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place . The shred_file function in logrotate ... oval:org.secpod.oval:def:300006 A null pointer dereference due to receiving a short packet for a direct connection in the MSN code could potentially cause a denial of service. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300387 A vulnerability has been found and corrected in wireshark: Buffer overflow in the MAC-LTE dissector in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of RARs . The updated packages h ... oval:org.secpod.oval:def:301117 Multiple vulnerabilities has been identified and fixed in pidgin: It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened ... oval:org.secpod.oval:def:300415 A vulnerability has been found and corrected in mailman: Multiple cross-site scripting vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the full name or username field in a confirmation message . Packages for 200 ... oval:org.secpod.oval:def:300427 Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might ... oval:org.secpod.oval:def:300409 Multiple vulnerabilities were discovered and corrected in OpenOffice.org: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files via a .. in an entry in an XSLT JAR filter description file, an Extension file, or unspecified other JAR or ZIP files . Use-aft ... oval:org.secpod.oval:def:300419 A vulnerability has been found and corrected in pango: It was discovered that pango did not check for memory reallocation failures in hb_buffer_ensure function. This could trigger a NULL pointer dereference in hb_buffer_add_glyph, where possibly untrusted input is used as an index used for accessing ... oval:org.secpod.oval:def:300411 A vulnerability has been found and corrected in eclipse: Multiple cross-site scripting vulnerabilities in the Help Contents web application in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to help/index.jsp or help/advanced/content.js ... oval:org.secpod.oval:def:300399 Multiple vulnerabilities has been found and corrected in subversion: The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service via vectors that trigger the walk ... oval:org.secpod.oval:def:300067 A vulnerability was discovered and corrected in freetype2: Marc Schoenefeld found an input stream position error in the way FreeType font rendering engine processed input file streams. If a user loaded a specially-crafted font file with an application linked against FreeType and relevant font glyphs ... oval:org.secpod.oval:def:301049 A vulnerability was discovered and corrected in freetype2: Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, allows remote attackers to execute arbitrary code or cause a denial of service via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011 . Packa ... oval:org.secpod.oval:def:300151 A vulnerability has been found and corrected in libHX: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that is inconsistent with the expected number of fields . The update ... oval:org.secpod.oval:def:300118 A vulnerability has been discovered and corrected in freetype2: Multiple stack overflow flaws have been reported in the way FreeType font rendering engine processed certain CFF opcodes. An attacker could use these flaws to create a specially-crafted font file that, when opened, would cause an applic ... oval:org.secpod.oval:def:300246 A vulnerability has been found and corrected in libtiff: libtiff allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300023 Multiple vulnerabilities has been discovered and corrected in libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image tha ... oval:org.secpod.oval:def:301153 Multiple vulnerabilities were discovered and corrected in proftpd: Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory t ... oval:org.secpod.oval:def:300426 Multiple vulnerabilities has been identified and fixed in pidgin: It was discovered that libpurple versions prior to 2.7.10 do not properly clear certain data structures used in libpurple/cipher.c prior to freeing. An attacker could potentially extract partial information from memory regions freed b ... oval:org.secpod.oval:def:301051 Multiple vulnerabilities were discovered and corrected in java-1.6.0-openjdk: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and un ... oval:org.secpod.oval:def:302839 A vulnerability has been found and corrected in libtasn1: The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:302817 A vulnerability has been found and corrected in cvs: A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the ... oval:org.secpod.oval:def:302815 A vulnerability has been found and corrected in t1lib: t1lib 5.1.2 and earlier uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a specially crafted Type 1 font in a PDF document . The updated packages have been patched t ... oval:org.secpod.oval:def:302823 Multiple vulnerabilities has been found and corrected in t1lib: A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could ... oval:org.secpod.oval:def:300398 It was discovered that t1lib suffered from the same vulnerability as previousely addressed in Evince with MDVSA-2011:005 . As a precaution t1lib has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300391 It was discovered that tetex suffered from the same vulnerability as previousely addressed in Evince with MDVSA-2011:005 . As a precaution tetex has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:302868 A vulnerability has been found and corrected in samba: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw ... oval:org.secpod.oval:def:302887 A vulnerability has been found and corrected in cifs-utils: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this ... oval:org.secpod.oval:def:302921 A vulnerability has been discovered and corrected in krb5: Fix a kadmind denial of service issue , which could only be triggered by an administrator with the create privilege . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301013 Multile vulnerabilities has been found and corrected in vino: The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated us ... oval:org.secpod.oval:def:300219 A vulnerability has been found and corrected in wget: GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wget ... oval:org.secpod.oval:def:301091 A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet: An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon . In Mandriva the telnetd daemon from the netkit-telnet-server packag ... oval:org.secpod.oval:def:301118 Multiple vulnerabilities has been discovered and corrected in pidgin: When receiving various stanzas related to voice and video chat, the XMPP protocol plugin failed to ensure that the incoming message contained all required fields, and would crash if certain fields were missing. When receiving vari ... oval:org.secpod.oval:def:300400 A vulnerability has been found and corrected in pcsc-lite: Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset Handler for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service and poss ... oval:org.secpod.oval:def:301015 A vulnerability has been found and corrected in libmodplug: Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file . Packages for 2009.0 are provided as of the Extended Maintenance Progra ... oval:org.secpod.oval:def:302843 Multiple vulnerabilities has been found and corrected in ffmpeg: The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file . cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:300436 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root ... oval:org.secpod.oval:def:301131 Multiple vulnerabilities has been discovered and corrected in tomcat 5.5.x: The implementation of HTTP DIGEST authentication in tomcat was discovered to have several weaknesses . Apache Tomcat, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in ... oval:org.secpod.oval:def:301045 Multiple vulnerabilities has been discovered and corrected in samba: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool . By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, ... oval:org.secpod.oval:def:300149 A vulnerability in the GNU C library was discovered which could escalate the privilegies for local users . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301119 Multiple vulnerabilities has been found and corrected in tomcat5: When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate ... oval:org.secpod.oval:def:300370 Multiple vulnerabilities was discovered and corrected in postgresql: An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges . Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Pr ... oval:org.secpod.oval:def:300275 Multiple vulnerabilities were discovered and corrected in pam: The pam_xauth module did not verify the return values of the setuid and setgid system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file . The ... oval:org.secpod.oval:def:300434 Multiple vulnerabilities has been identified and fixed in ffmpeg: FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers t ... oval:org.secpod.oval:def:301019 Multiple vulnerabilities have been identified and fixed in mplayer: FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers ... oval:org.secpod.oval:def:301041 Multiple vulnerabilities have been identified and fixed in blender: oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bou ... oval:org.secpod.oval:def:300396 Multiple vulnerabilities has been found and corrected in MHonArc: MHonArc 2.6.16 allows remote attackers to cause a denial of service via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy&g ... oval:org.secpod.oval:def:301188 A vulnerability has been discovered and corrected in libmikmod: Multiple heap-based buffer overflows might allow remote attackers to execute arbitrary code via crafted samples or crafted instrument definitions in an Impulse Tracker file . Packages for 2008.0 and 2009.0 are provided as of the Exten ... oval:org.secpod.oval:def:300254 A denial of service attack against apr_brigade_split_line was discovered in apr-util . Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300033 Security issues were identified and fixed in firefox: layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted HTML ... oval:org.secpod.oval:def:300232 A vulnerability in the GNU C library was discovered which could escalate the privilegies for local users . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300418 A vulnerability has been found and corrected in samba: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code t ... oval:org.secpod.oval:def:300443 A vulnerability was discovered and corrected in subversion: The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service via a request that contains a lock token . Additionally for Corporate Server 4 and E ... oval:org.secpod.oval:def:301183 A vulnerability was discovered and corrected in openssl: OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of an unint ... oval:org.secpod.oval:def:301072 A vulnerability has been found and corrected in openssl: Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications ... oval:org.secpod.oval:def:301174 A vulnerability was discovered in openssl that causes a race condition within the TLS extension parsing code and which can be exploited to cause a heap-based buffer overflow . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300063 Multiple vulnerabilities was discovered and corrected in the OpenOffice.org: Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow . Heap-based buffer overflow allows remote attackers to cause a denial of service or poss ... oval:org.secpod.oval:def:301133 Multiple vulnerabilities has been found and corrected in tomcat5: Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. in an entry in a WAR file, as demonstrated by a ../../bin/catali ... oval:org.secpod.oval:def:301007 Chris Evans of the Chrome Security Team reported that the XSLT generate-id function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploitin ... oval:org.secpod.oval:def:301127 A vulnerability has been discovered and corrected in gimp: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif- ... oval:org.secpod.oval:def:302869 Multiple vulnerabilities has been found and corrected in imagemagick: Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working dir ... oval:org.secpod.oval:def:301108 Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code . Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterpri ... oval:org.secpod.oval:def:302808 A vulnerability has been found and corrected in libxslt: libxslt allows remote attackers to cause a denial of service via unspecified vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302837 A vulnerability has been found and corrected in libpng: A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, po ... oval:org.secpod.oval:def:302862 Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances ... oval:org.secpod.oval:def:302832 Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbi ... oval:org.secpod.oval:def:302867 A vulnerability has been found and corrected in GnuTLS: gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service via a crafted record, as demonstrated by a craf ... oval:org.secpod.oval:def:302803 A vulnerability has been found and corrected in ASF APR: tables/apr_hash.c in the Apache Portable Runtime library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via cra ... oval:org.secpod.oval:def:302805 A vulnerability has been found and corrected in GnuTLS: Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denia ... oval:org.secpod.oval:def:301060 Multiple vulnerabilities has been discovered and corrected in samba/cifs-utils: smbfs in Samba 3.5.8 and earlier attempts to use mount.cifs to append to the /etc/mtab file and umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allo ... oval:org.secpod.oval:def:301083 A vulnerability was discovered and corrected in rsyslog: Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service via a long TAG in a legacy syslog ... oval:org.secpod.oval:def:301059 Multiple vulnerabilities has been discovered and corrected in apache: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service via a Range header that expresses multiple overlapping ranges, as exploited ... oval:org.secpod.oval:def:301030 Multiple vulnerabilities was discovered and fixed in gimp: Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Position field in ... oval:org.secpod.oval:def:301068 Multiple vulnerabilities has been discovered and corrected in libpng: The png_format_buffer function in pngerror.c in libpng allows remote attackers to cause a denial of service via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerab ... oval:org.secpod.oval:def:301022 It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301017 A vulnerability has been found and corrected in postfix: The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which ... oval:org.secpod.oval:def:301009 A vulnerability has been found and corrected in kdenetwork4: Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. in the name attribut ... oval:org.secpod.oval:def:300404 A vulnerability was discovered and corrected in postgresql: Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to ca ... oval:org.secpod.oval:def:301106 Multiple vulnerabilities has been found and corrected in sudo: A a patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain r ... oval:org.secpod.oval:def:301137 A vulnerability has been found and corrected in openssl: Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service and possibly ... oval:org.secpod.oval:def:302880 A vulnerability has been found and corrected in libxml2: A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302915 A vulnerability has been discovered and corrected in libxml2: An Off-by-one error in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301077 Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges ... oval:org.secpod.oval:def:302799 A vulnerability has been found and corrected in ruby: Ruby before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via crafted input to an application that maintains a hash ... oval:org.secpod.oval:def:301101 Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301058 Multiple vulnerabilities has been discovered and corrected in libxml/libxml2: Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a ... oval:org.secpod.oval:def:301098 Multiple vulnerabilities has been discovered and corrected in libxml2: Off-by-one error in libxml allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site CVE-2011-0216out-of-bounds read(CVE-2011-3905 oval:org.secpod.oval:def:301006 Security issues were identified and fixed in mozilla-thunderbird: Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether ... oval:org.secpod.oval:def:301038 Security issues were identified and fixed in mozilla firefox and thunderbird: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks befor ... oval:org.secpod.oval:def:301056 Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption u ... oval:org.secpod.oval:def:300422 Cross-site request forgery vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different w ... oval:org.secpod.oval:def:300421 Security issues were identified and fixed in mozilla-thunderbird: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service or possibl ... oval:org.secpod.oval:def:302789 Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call ... oval:org.secpod.oval:def:302804 A vulnerability has been found and corrected in libvorbis: If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application . The updated pac ... oval:org.secpod.oval:def:302892 Security issues were identified and fixed in mozilla firefox and thunderbird: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors ... oval:org.secpod.oval:def:302792 Security issues were identified and fixed in mozilla firefox and thunderbird: Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windo ... oval:org.secpod.oval:def:302911 Multiple security issues were identified and fixed in OpenJDK : * S7079902, CVE-2012-1711: Refine CORBA data models * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement * S7143606, CVE-2012-1717: File.createTempFile ... oval:org.secpod.oval:def:300302 Multiple vulnerabilities were discovered and corrected in mysql: * During evaluation of arguments to extreme-value functions , type errors did not propagate properly, causing the server to crash . * The server could crash after materializing a derived table that required a temporary table for groupi ... oval:org.secpod.oval:def:302840 Multiple security issues were identified and fixed in OpenJDK : Fix issues in java sound . Fix in AtomicReferenceArray . Add property to limit number of request headers to the HTTP Server . Incorect checking for graphics rendering object . Multiple unspecified vulnerabilities allows remote attackers ... oval:org.secpod.oval:def:302844 A vulnerability has been found and corrected in openssl: A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302851 A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300430 Multiple vulnerabilities were discovered and corrected in libtiff: Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding . Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3 ... oval:org.secpod.oval:def:300438 It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:302857 Multiple vulnerabilities has been identified and fixed in php: The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls th ... oval:org.secpod.oval:def:302855 Multiple vulnerabilities has been found and corrected in perl: Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service via a crafted Unicode string, which t ... oval:org.secpod.oval:def:302866 It was discovered that the fix for CVE-2012-2110 was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue. oval:org.secpod.oval:def:300102 This advisory updates wireshark to the latest version, fixing several security issues: Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors . Buffer overflow in the SigComp Universal Decompressor Virtual M ... oval:org.secpod.oval:def:302883 Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack . Double free vu ... oval:org.secpod.oval:def:302881 A vulnerability has been found and corrected in openssl: OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108 . The upda ... oval:org.secpod.oval:def:302895 A vulnerability has been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in ... oval:org.secpod.oval:def:302917 A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker havi ... oval:org.secpod.oval:def:302806 Multiple vulnerabilities has been found and corrected in openssl: The implementation of Cryptographic Message Syntax and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data v ... oval:org.secpod.oval:def:301061 A vulnerability has been identified and fixed in php: The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packag ... oval:org.secpod.oval:def:301079 A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font . A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox . Additionall ... oval:org.secpod.oval:def:301099 Multiple vulnerabilities has been discovered and corrected in openssl: The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which ... oval:org.secpod.oval:def:301090 A vulnerability has been discovered and corrected in ipmitool: ipmievd as used in the ipmitool package uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file . In Mandriva the ipmievd daemon from the ipmitool package does not ... oval:org.secpod.oval:def:302794 A vulnerability has been found and corrected in php: PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code wi ... oval:org.secpod.oval:def:300388 A vulnerability has been found and corrected in hplip: A flaw was found in the way certain HPLIP tools discovered devices using the SNMP protocol. If a user ran certain HPLIP tools that search for supported devices using SNMP, and a malicious user is able to send specially-crafted SNMP responses, it ... oval:org.secpod.oval:def:301111 Multiple vulnerabilities has been discovered and corrected in php: Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a ... oval:org.secpod.oval:def:301124 A vulnerability has been discovered and corrected in apache: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service via a malformed HTTP request . The fix for CVE-2011-3192 p ... oval:org.secpod.oval:def:300163 Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service via an ALTER DATABASE command with a #mysql50# string followed by a . , .. , ../ or similar sequence, and an UPGRADE DAT ... oval:org.secpod.oval:def:301028 Multiple vulnerabilities have been identified and fixed in ruby: Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page . The FileUtils.remove_entry_secure method in Ruby ... oval:org.secpod.oval:def:301034 Multiple vulnerabilities were discovered and corrected in subversion: The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources which can lead to a DoS . The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic ... oval:org.secpod.oval:def:301048 This advisory updates wireshark to the latest version , fixing one security issue: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service via malformed packets . oval:org.secpod.oval:def:301044 A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via ... oval:org.secpod.oval:def:302838 Multiple out-of heap-based buffer read flaws and invalid pointer dereference flaws were found in the way file, utility for determining of file types processed header section for certain Composite Document Format files. A remote attacker could provide a specially-crafted CDF file, which once inspect ... oval:org.secpod.oval:def:300307 Multiple vulnerabilities has been found and corrected in mailman: Multiple cross-site scripting vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving the list information field or the list description field . ... oval:org.secpod.oval:def:302849 A vulnerability has been found and corrected in samba: The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to e ... oval:org.secpod.oval:def:302847 Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable. The mozilla firefox and thunderbird packages ... oval:org.secpod.oval:def:302850 A potential memory corruption has been found and corrected in libpng . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:302861 Multiple vulnerabilities has been found and corrected in apache: Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file w ... oval:org.secpod.oval:def:302860 A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority remote proceedure calls CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database . The updat ... oval:org.secpod.oval:def:300344 A vulnerability was discovered and corrected in libmbfl : * Fix bug #53273 . The updated packages have been patched to correct these issues. Update: The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream pat ... oval:org.secpod.oval:def:302888 Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable . The mozilla firefox and thunderbird packages ... oval:org.secpod.oval:def:302891 A vulnerability has been found and corrected in libtiff: An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300358 A vulnerability was discovered and corrected in libmbfl : * Fix bug #53273 . The updated packages have been patched to correct these issues. oval:org.secpod.oval:def:300128 A vulnerabilitiy has been found and corrected in apache: The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service via a request that lacks a path . Packages for 2008.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301069 A vulnerability has been discovered and corrected in php-pear: The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the download_dir, cache_dir, tmp_dir, and pear-build-download directories, a different vulner ... oval:org.secpod.oval:def:301065 A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] . The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Update: Pack ... oval:org.secpod.oval:def:301064 Multiple vulnerabilities was discovered and corrected in kdelibs4: KDE KSSL in kdelibs does not properly handle a \'\0\' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL server ... oval:org.secpod.oval:def:301089 Multiple vulnerabilities has been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an ... oval:org.secpod.oval:def:301081 A vulnerability has been discovered and corrected in apache: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse prox ... oval:org.secpod.oval:def:301095 A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] . The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Update: Pack ... oval:org.secpod.oval:def:301093 A vulnerability has been discovered and corrected in squid: Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service or possibly have un ... oval:org.secpod.oval:def:300253 A vulnerability was discovered and corrected in php: A flaw in ext/xml/xml.c could cause a cross-site scripting vulnerability . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:301107 A vulnerability has been discovered and corrected in dhcp: dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service via a crafted request packet . The updated packages h ... oval:org.secpod.oval:def:301115 A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] . The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. oval:org.secpod.oval:def:300158 A vulnerability has been found and corrected in samba: Stack-based buffer overflow in the sid_parse and dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Windows Security ID on a file share . The u ... oval:org.secpod.oval:def:300035 Multiple vulnerabilities were discovered and corrected in php: Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service via a long e-mail address stri ... oval:org.secpod.oval:def:301129 A vulnerability has been discovered and corrected in icu: A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the appli ... oval:org.secpod.oval:def:301026 A vulnerability has been identified and fixed in libzip: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an empty ... oval:org.secpod.oval:def:300058 Multiple vulnerabilities were discovered and corrected in krb5: An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some circumstances, this can negate the incremental security benefit of using a ... oval:org.secpod.oval:def:300177 A vulnerability was discovered and corrected in subversion: authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule ... oval:org.secpod.oval:def:300051 An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack . Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the ... oval:org.secpod.oval:def:301032 A vulnerability has been identified and fixed in ISC BIND: Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large ... oval:org.secpod.oval:def:300077 A vulnerability was discovered and corrected in libxml2: A double free vulnerability in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling . Packages for 2009.0 are provided as of the Extended Maintenance Prog ... oval:org.secpod.oval:def:300194 Multiple vulnerabilities were discovered and corrected in freetype2: An error within the "Ins_SHZ" function in src/truetype/ttinterp.c when handling the "SHZ" bytecode instruction can be exploited to cause a crash and potentially execute arbitrary code via a specially crafted fon ... oval:org.secpod.oval:def:300193 A possible double free flaw was found in the imap extension for php . A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that under certain circumstances could case a segmention fault . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:300191 A vulnerability was discovered and corrected in libxml2: libxml2 before 2.7.8 reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service via a crafted XML document . Packages for 2009.0 are provided as ... oval:org.secpod.oval:def:301087 A vulnerability has been discovered and corrected in libxfont: The LZW decompressor in the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other prod ... oval:org.secpod.oval:def:302797 A vulnerability has been found and corrected in php: PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code wi ... oval:org.secpod.oval:def:300424 This advisory updates wireshark to the latest version , fixing several security issues: Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service or possibly have unspecified ... oval:org.secpod.oval:def:300243 A vulnerability has been found and corrected in git: Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy . The updated packages have been patched to correct this ... oval:org.secpod.oval:def:301073 Multiple vulnerabilities has been discovered and corrected in jasper: Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted numrlvls value in a JPEG2000 ... oval:org.secpod.oval:def:300416 A vulnerability has been found and corrected in avahi: avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service via an empty IPv4 or IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244 . ... oval:org.secpod.oval:def:300380 A vulnerability was discovered and corrected in avahi: The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a diffe ... oval:org.secpod.oval:def:301066 Multiple vulnerabilities has been discovered and corrected in cups: The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service via HTT ... oval:org.secpod.oval:def:301160 Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service via unspecified v ... oval:org.secpod.oval:def:300017 A security vulnerability has been identified and fixed in pidgin: It has been discovered that eight denial of service conditions exist in libpurple all due to insufficient validation of the return value from purple_base64_decode. Invalid or malformed data received in place of a valid base64-encoded ... oval:org.secpod.oval:def:300020 A security vulnerability has been identified and fixed in pidgin: The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service via an X-Status message that lacks the expected end tag for ... oval:org.secpod.oval:def:300417 Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version to correct these issues. oval:org.secpod.oval:def:300036 A vulnerability has been discovered and corrected in gnupg2: Importing a certificate with more than 98 Subject Alternate Names via GPGSM"s import command or implicitly while verifying a signature causes GPGSM to reallocate an array with the names. The bug is that the reallocation code misses assigni ... oval:org.secpod.oval:def:300157 Multiple vulnerabilities has been found and corrected in mozilla-thunderbird: dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script"s URL in cer ... oval:org.secpod.oval:def:301141 This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.4: * Paths with NULL in them are now considered as invalid . * Fixed bug #53512 Please note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436, CVE-2010-3709, CVE-2010- ... oval:org.secpod.oval:def:302874 Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked . SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate auth ... oval:org.secpod.oval:def:302920 Multiple vulnerabilities has been discovered and corrected in libtiff: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application link ... oval:org.secpod.oval:def:302841 An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had ac ... oval:org.secpod.oval:def:300325 Multiple vulnerabilities has been found and corrected in libpng: Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service via a crafted PNG file oval:org.secpod.oval:def:300104 Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings . ipp.c in cupsd in CUPS 1.4.4 and earlier does not properl ... oval:org.secpod.oval:def:300229 Multiple vulnerabilities has been discovered and corrected in openldap: The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary cod ... oval:org.secpod.oval:def:301184 This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs . * Fixed a possible resource destruction issues ... oval:org.secpod.oval:def:301071 A vulnerability has been found and corrected in ncompress: An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch compression algorithm. A remote attacker could provide a specially-crafted LZW compressed ... oval:org.secpod.oval:def:300010 Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a c ... oval:org.secpod.oval:def:302828 Multiple vulnerabilities has been found and corrected in apache : The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cau ... oval:org.secpod.oval:def:302836 A memory leak and a hash table collision flaw in expat could cause denial os service attacks . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300323 Multiple vulnerabilities has been found and corrected in python: Multiple integer overflows in audioop.c in the audioop module in Ptthon allow context-dependent attackers to cause a denial of service via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first ... oval:org.secpod.oval:def:300320 Multiple vulnerabilities was discovered and corrected in python: The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept ... oval:org.secpod.oval:def:301037 A vulnerability was discovered and corrected in xerces-j2: Apache Xerces2 Java, as used in Sun Java Runtime Environment in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service via malformed XML input, as de ... oval:org.secpod.oval:def:301173 Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount symlinks, which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. The tc_fill_tclass function in net/sched/sch_api.c ... oval:org.secpod.oval:def:301012 It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching , to exhaust al ... oval:org.secpod.oval:def:302886 Multiple vulnerabilities has been found and corrected in curl: curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem . curl is vulnerable to a data injection attack for certain protocols through control ... oval:org.secpod.oval:def:302914 Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure . A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name t ... oval:org.secpod.oval:def:301074 Security issues were identified and fixed in openjdk and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking . IcedTea6 prior to 1.10.4 allows remote untrusted Java W ... oval:org.secpod.oval:def:301024 Multiple vulnerabilities have been identified and fixed in python: The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / character at the beginning of the URI . A flaw w ... oval:org.secpod.oval:def:301067 Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote att ... oval:org.secpod.oval:def:301078 Security issues were identified and fixed in mozilla NSS, firefox and thunderbird: 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. This was fixed with rootcerts-20111103.00 and nss-3.13. DigiCert Sdn. Bhd is a Malaysian su ... oval:org.secpod.oval:def:301112 Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote att ... oval:org.secpod.oval:def:301062 A vulnerability was discovered and corrected in postgresql: contrib/pg_crypto's blowfish encryption code could give wrong results on platforms where char is signed , leading to encrypted passwords being weaker than they should be . Additionally corrected ossp-uuid packages as well as correc ... oval:org.secpod.oval:def:301116 A vulnerability was discovered and fixed in php-suhosin: crypt_blowfish before 1.1, as used in suhosin does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash . The updated packages ... oval:org.secpod.oval:def:301125 Multiple vulnerabilities has been identified and fixed in php: Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by using the same variable for multiple argum ... oval:org.secpod.oval:def:301121 Multiple vulnerabilities was discovered and fixed in glibc: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library , including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privilege ... |
