[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A null pointer dereference due to receiving a short packet for a direct connection in the MSN code could potentially cause a denial of service. Packages for 2009.0 are provided as of the Extended Maintenance Program

Multiple vulnerabilities was discovered and corrected in kdelibs4: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \"\0\" character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to C ...

Multiple vulnerabilities was discovered and fixed in glibc: Multiple integer overflows in the strfmon implementation in the GNU C Library 2.10.1 and earlier allow context-dependent attackers to cause a denial of service via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391 . Integer overflow in the __vstrfmo ...

The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could cra ...

The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could cra ...

Security issues were identified and fixed in mozilla firefox and thunderbird: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribut ...

A vulnerability has been found and corrected in GnuTLS: gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service via a crafted record, as demonstrated by a crafted GenericBlockCipher structure . The updated packages have been patched to correct this issue. The ...

An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, ...

This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php. Please refer to the following Mandriva advisories for further information: MDVA-2012:004, MDVSA-2011:165, MDVSA-2011:166, MDVSA-2011:180, MDVSA-2011:197, MDVSA-2012:065, MDVSA-2012:068, MDVSA-2012:068-1.

It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php . Packages for 2009.0 are provided as of the Extended Maintenance Program


Pages:      Start    173    174    175    176    177    178    179    180    181    182    ..   182

© SecPod Technologies