[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111749

 
 

909

 
 

87255

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A security vulnerability has been identified and fixed in curl, which could allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files via a redirect to a file: URL, or execute arbitrary commands via a redirect to an scp: URL . The updated packages have been patched to prevent this.

An integer overflow flaw was found in Pidgin"s MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message . In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVA-2008:103 . The updated packages have been patched to correct this issue.

Security issues were identified and fixed in firefox 3.0.x: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors . Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial o ...

Security issues were identified and fixed in firefox 3.0.x: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within the new document, appearing to have come from the spoofed location . Moxie Marlinspike reported a heap overflow vulnerability in the co ...

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server . The updated packages have been patched to correct these issues.

A buffer overflow in the imageloadfont function in PHP allowed context-dependent attackers to cause a denial of service and potentially execute arbitrary code via a crafted font file . A buffer overflow in the memnstr function allowed context-dependent attackers to cause a denial of service and potentially execute arbitrary code via the delimiter argument to the explode function . PHP, when used ...

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. Update: Packages for 2008.0 are being provided due to extended support for Corporate products.

Argument injection vulnerability in login in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events. The updated packages have been patched to fix the issue.

Multiple security vulnerabilities has been identified and fixed in apr-util: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service via crafted input involving a .htaccess file used with the Apache HTTP Server, the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, the mod_apr ...

Multiple security vulnerabilities has been identified and fixed in apr and apr-util: Multiple integer overflows in the Apache Portable Runtime library and the Apache Portable Utility library 0.9.x and 1.3.x allow remote attackers to cause a denial of service or possibly execute arbitrary code via vectors that trigger crafted calls to the allocator_alloc or apr_palloc function in memory/unix/a ...


Pages:      Start    6    7    8    9    10    11    12    13    14    15    16    17    18    19    ..   182

© SecPod Technologies