Debian Linux Security Advisory 2415-1 - Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug.
Debian Linux Security Advisory 2414-1 - Nicola Fioravanti discovered that F*X, a web service for transferring very large files, is not properly sanitizing input parameters of the "fup" script. An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters.
Debian Linux Security Advisory 2413-1 - Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading iso9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.
Debian Linux Security Advisory 2412-1 - It was discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed.
Debian Linux Security Advisory 2411-1 - It was discovered that mumble, a VoIP client, does not properly manage permissions on its user-specific configuration files, allowing other local users on the system to access them.
Debian Linux Security Advisory 2410-1 - Jueri Aedla discovered an integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.
Debian Linux Security Advisory 2409-1 - Several vulnerabilities have been discovered in debdiff, a script used to compare two Debian packages, which is part of the devscripts package.
Debian Linux Security Advisory 2408-1 - Several vulnerabilities have been discovered in PHP, the web scripting language.
Debian Linux Security Advisory 2407-1 - It was discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client.
Debian Linux Security Advisory 2406-1 - Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base.
Debian Linux Security Advisory 2403-2 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
Debian Linux Security Advisory 2405-1 - Several vulnerabilities have been found in the Apache HTTPD Server.
Debian Linux Security Advisory 2404-1 - Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable malicious guest systems to crash the host system or escalate their privileges.
Debian Linux Security Advisory 2384-2 - It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny.
Debian Linux Security Advisory 2403-1 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
Debian Linux Security Advisory 2402-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
Debian Linux Security Advisory 2400-1 - Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.
Debian Linux Security Advisory 2401-1 - Several vulnerabilities have been found in Tomcat, a servlet and JSP engine.
Debian Linux Security Advisory 2399-2 - A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression.
Debian Linux Security Advisory 2399-1 - Several vulnerabilities have been discovered in PHP, the web scripting language.
Debian Linux Security Advisory 2398-1 - Several vulnerabilities have been discovered in Curl, a URL transfer library.
Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.
Debian Linux Security Advisory 2396-1 - Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation.
Debian Linux Security Advisory 2395-1 - Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code.