[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

114411

 
 

909

 
 

88812

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ":safe", did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration . A stack-based buffer overflow in emacs could allow user-ass ...

A denial of service flaw was discovered by the Google Security Team in the way libxml2 processes malformed XML content. This flaw could cause the application to stop responding. The updated packages have been patched to correct this issue.

MySQL 5.0.x did not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement . The federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of ...

An input validation flaw was found in the X.org server"s XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service , or potentially execute arbitrary code with root privileges on the X.org server . A flaw was found in the X.org server"s XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that ...

An input validation flaw was found in the X.org server"s XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service , or potentially execute arbitrary code with root privileges on the X.org server . A flaw was found in the X.org server"s XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that ...

A number of vulnerabilities have been found and corrected in PHP: The htmlentities and htmlspecialchars functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors . The output_add_rewrite_var function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obta ...

A number of vulnerabilities have been found and corrected in PHP: PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with "S:", which did not properly track the number of input bytes being processed . A vulnerability in the chunk_split function in PHP prior to 5.2.4 has unknown impact and atta ...

Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with the privileges of the user opening the file. The updated packages have been patched to correct this issue.

A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server"s Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions. The updated packages have been patched to correct these issues.

A flaw in how tomboy handles LD_LIBRARY_PATH was discovered where by appending paths to LD_LIBRARY_PATH the program would also search the current directory for shared libraries. In directories containing network data, those libraries could be injected into the application. The updated packages have been patched to correct this issue.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   182

© SecPod Technologies