[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625 . This update fixes this vulnerability. Update: Packages for 2008.0 are being provided due to extended support for Corporate products.

A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625 . This update provides the latest version of Thunder ...

A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625 . Additionally on 2009.0 a patch was added to prevent kompozer from crashing , on 2009.1 a format string patch was added to make it build with the -Wformat -Werror=format-security gcc optimization switch added in 2009.1 This update fixes th ...

Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file. The updated packages have been patched to prevent this issue.

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server . The updated packages have been patched to correct these issues.

A vulnerability has been found and corrected in PHP: The JSON_parser function in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service via a malformed string to the json_decode API function . The updated packages have been patched to correct these issues.

A number of vulnerabilities have been found and corrected in PHP: improve mbfl_filt_conv_html_dec_flush error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c . Additionally on Mandriva Linux 2009.0 and up the php-mbstring module is linked against a separate shared libmbfl library that also have been patched to address CVE-2008-5557. Directory traversal vulnerability in the ZipArchive:: ...

A number of vulnerabilities have been found and corrected in PHP: The htmlentities and htmlspecialchars functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors . The output_add_rewrite_var function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obta ...

A number of vulnerabilities have been found and corrected in PHP: PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with "S:", which did not properly track the number of input bytes being processed . A vulnerability in the chunk_split function in PHP prior to 5.2.4 has unknown impact and atta ...

A number of vulnerabilities have been found and corrected in PHP: php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors . The escapeshellcmd API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters . Weaknesses in the GENERATE_SEED macro in PHP ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   182

© SecPod Technologies