[Forgot Password]
Login  Register Subscribe

24003

 
 

131486

 
 

106342

 
 

909

 
 

84640

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A vulnerability has been found and corrected in gdm: GNOME Display Manager 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a dmrc or face icon file under /var/cache/gdm/ . The updated packages have been patched to correct this issue.

Multiple vulnerabilities has been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery attacks via forged AJAX requests that leverage a combination of browser plugins and redirects, a related issue to C ...

A vulnerability has been found and corrected in pango: It was discovered that pango did not check for memory reallocation failures in hb_buffer_ensure function. This could trigger a NULL pointer dereference in hb_buffer_add_glyph, where possibly untrusted input is used as an index used for accessing members of the incorrectly reallocated array, resulting in the use of NULL address as the base arra ...

Multiple vulnerabilities were discovered and corrected in clamav: Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document

A vulnerability has been found and corrected in tomboy: The tomboy and tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2 . The updated packages have bee ...

Multiple vulnerabilities were discovered and corrected in bind: named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service via a query for cached data . named in ISC BIND 9.x before 9.6.2-P ...

A vulnerability was discovered and corrected in freeciv: freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the os, io, package, dofile, loadfile, loadlib, module, and require modules or functions . The updated packages have been upgraded to v2.2.1 which is not vulnera ...

Multiple vulnerabilities was discovered and fixed in clamav: The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length . Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers ...

Multiple vulnerabilities has been found and corrected in clamav: ClamAV before 0.96 does not properly handle the CAB and 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities . The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service via ...

Multiple vulnerabilities has been found and corrected in clamav: ClamAV before 0.96 does not properly handle the CAB and 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities . The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service via ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   182

© 2013 SecPod Technologies