
Multiple vulnerabilities have been discovered and corrected in cups: The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service via HTTP_UNAUTHORIZED responses. The LZW decompressor in the LWZReadByte function in giftoppm.c in the Dav ...

A vulnerability has been discovered and corrected in gimp: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5 ...

Multiple vulnerabilities have been discovered and corrected in tomcat 5.5.x: The implementation of HTTP DIGEST authentication in tomcat was discovered to have several weaknesses. Apache Tomcat, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file. ...

It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR. Packages for 2009.0 are provided as of the Extended Maintenance Program.

It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR. Packages for 2010.0 are provided as of the Extended Maintenance Program. Update: Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095 advisory.

Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issue ...

A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a config ...

Multiple vulnerabilities have been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. mount in util-linux 2.19 and ...

It was discovered that the apr_fnmatch function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching, to exhaust all stack memory or use an excessive amount of CPU time when performing matching. Packages for 2009.0 ...

Multiple vulnerabilities have been found and corrected in imagemagick: Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image ...



© 2013 SecPod Technologies