|Paid content will be excluded from the download.
| Matches : 1830
|Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version to correct these issues.
This advisory updates wireshark to the latest version, fixing several security issues: Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors . Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and r ...
This advisory updates wireshark to the latest version, fixing several security issues: * The SMB dissector could dereference a NULL pointer. * J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack. * The SMB PIPE dissector could dereference a NULL pointer on some platforms. * The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. * The SigComp Uni ...
A vulnerability was discovered and corrected in libmbfl : * Fix bug #53273 . The updated packages have been patched to correct these issues. Update: The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream patch.
A vulnerability was discovered and corrected in libmbfl : * Fix bug #53273 . The updated packages have been patched to correct these issues.
This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.4: * Paths with NULL in them are now considered as invalid . * Fixed bug #53512 Please note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710 were fixed in previous advisories. Key Bug Fixes in PHP 5.3.4 include: * Added stat support for ...
A vulnerability has been found and corrected in nss_db: The Free Software Foundation Berkeley DB NSS module 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module . The updated packages have been patched to correct this issue.
A vulnerability has been found and corrected in libglpng: Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to the pngLoadRawF function and the pngLoadF function, leading to heap-based buffer overflows . The updated packages have been patched to correct this issue.
A vulnerability was discovered and corrected in gnucash: gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . The affected /usr/bin/gnc-test-env file has been removed to mitigate the CVE-2010-3999 vulnerability as gnc-test-env is only us ...
Multiple vulnerabilities has been discovered and corrected in libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in ...
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   182
© 2013 SecPod Technologies