
Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.19. This update provides the latest Mozilla Firefox 2.x to correct these issues.

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. Linux kernel 2.6.28 allows local users to cause a denial of ...

A vulnerability was found by the Google Security Team in how OpenSSL verified certificates. An attacker in control of a malicious server, or able to effect a man-in-the-middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, which would then bypass the certificate validation. The updated packages have been patched to prevent ...

Multiple vulnerabilities have been found and corrected in mono: IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers. Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or ...

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. Update: This update was too late for inclusion in Mandriva Linux 2009, so it is being released now for that version.

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue.

A denial of service condition was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash. A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions. A denial o ...

Martin von Gagern found a flaw in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates. Update: It was found that the previously-published patch to correct this issue caused a regression when dealing with self ...

Martin von Gagern found a flaw in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates. The updated packages have been patched to correct this issue.

A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed. An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text ...



© SecPod Technologies