
A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761. Packages for 2009.0 are provided as of the Extended Maintenance Program

A vulnerability has been found and corrected in perl: The lc, lcfirst, uc, and ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. Packages for 2009.0 are pr ...

Multiple vulnerabilities were discovered and corrected in kdelibs4: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to C ...

Multiple vulnerabilities were discovered and corrected in kdelibs4: KDE KSSL in kdelibs does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2 ...

A vulnerability has been found and corrected in php: The htmlspecialchars function in PHP before 5.2.12 does not properly handle overlong UTF-8 sequences, invalid Shift_JIS sequences, and invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting attacks by placing a crafted byte sequence before a special character. The updated packages have been patched to correc ...

A vulnerability has been found and corrected in php: PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to interrupt corruption of the SESSION superglobal array and the session.save_path directive. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

Multiple vulnerabilities have been found and corrected in php: The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP b ...

Multiple vulnerabilities have been found and corrected in ffmpeg: The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, chec ...

A vulnerability was discovered and corrected in perl-CGI: CGI.pm module before 3.63 for Perl does not properly escape newlines in Set-Cookie or P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm. The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in perl: Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via the 'x' string repeat operator. The updated packages have been patched to correct this ...



© SecPod Technologies