[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A vulnerability has been found and corrected in hplip: A flaw was found in the way certain HPLIP tools discovered devices using the SNMP protocol. If a user ran certain HPLIP tools that search for supported devices using SNMP, and a malicious user is able to send specially-crafted SNMP responses, it could cause those HPLIP tools to crash or, possibly, execute arbitrary code with the privileges of ...

Multiple vulnerabilities were discovered and corrected in libtiff: Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding . Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS da ...

It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php . Packages for 2009.0 are provided as of the Extended Maintenance Program

Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b"" token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service by using this token in a SQL statement . MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE ...

Multiple vulnerabilities have been identified and fixed in ruby: Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page . The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack . The safe-level feature in Ruby ...

Multiple vulnerabilities were discovered and corrected in subversion: The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources which can lead to a DoS . The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic loop which does not exit and which allocates emory in each iteration, ultimately exhausting all the ...

A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests . Packages for 2009.0 are provided as of the Extended Maintenance Program

This advisory updates wireshark to the latest version , fixing one security issue: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service via malformed packets .

A vulnerability has been identified and fixed in php: The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders . The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory a ...

A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font . A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox . Additionally, improvements conserning the LZW handling was added. The updated packages have been patched to co ...


Pages:      Start    24    25    26    27    28    29    30    31    32    33    34    35    36    37    ..   182

© SecPod Technologies