|Paid content will be excluded from the download.
| Matches : 81341
|A vulnerability was discovered and corrected in ffmpeg: MPlayer allows remote attackers to cause a denial of service via a malformed AAC file, as demonstrated by lol-vlc.aac; or a malformed Ogg Media file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718 . Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a soluti ...
Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras.
Security vulnerabilies have been identified and fixed in jhead. Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service . Jhead before 2.84 allows local users to overwrite arbitrary files via a symlink attack on a temporary file . Jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a ...
A cross-site request forgery vulnerability was discovered in Django that, if exploited, could be used to perform unrequested deletion or modification of data. Updated versions of Django will now discard posts from users whose sessions have expired, so data will need to be re-entered in these cases. The versions of Django shipping with Mandriva Linux have been updated to the latest patched versions ...
A vulnerability was found in how ffmpeg handled STR file demuxing. If a user were tricked into processing a malicious STR file, a remote attacker could execute arbitrary code with user privileges via applications linked against ffmpeg . The updated packages have been patched to correct this issue.
Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execution of arbitrary code or a denial of service . The updated packages have been patched to correct th ...
A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections . The updated packages have been patched to correct this issue.
A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes. The updated packages have been patched to correct this issues.
Two vulnerabilities were found in the Website META Language package that allowed local users to overwrite arbitrary files via symlink attacks. The updated packages have been patched to correct these issues.
Multiple cross-site scripting vulnerabilities were found in Mailman prior to version 2.1.10b1, which allow remote attackers to inject arbitrary web script or HTML via edting templates and the list"s info attribute in the web administrator interface. The updated packages have been patched to correct these issues.
Pages:      Start    7843    7844    7845    7846    7847    7848    7849    7850    7851    7852    7853    7854    7855    7856    ..   8134
© 2013 SecPod Technologies