Debian.org - Debian Security Advisories

DSA-2076 gnupg2 - use-after-free

28.07.2010 15:30 It was discovered that GnuPG 2 uses a freed pointer when verifying a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution.

DSA-2075 xulrunner - several vulnerabilities

28.07.2010 15:30 Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-2073 mlmmj - insufficient input sanitising

21.07.2010 14:30 Florian Streibelt reported a directory traversal flaw in the way the Mailing List Managing Made Joyful mailing list manager processed users' requests originating from the administrator web interface without enough input validation. A remote, authenticated attacker could use these flaws to write and/or delete arbitrary files.

DSA-2074 ncompress - integer underflow

21.07.2010 14:30 Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive.

DSA-2072 libpng - several vulnerabilities

19.07.2010 20:15 Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-2071 libmikmod - buffer overflows

15.07.2010 02:30 Dyon Balding discovered buffer overflows in the MikMod sound library, which could lead to the execution of arbitrary code if a user is tricked into opening malformed Impulse Tracker or Ultratracker sound files.

DSA-2070 freetype - several vulnerabilities

15.07.2010 02:30 Robert Swiecki discovered several vulnerabilities in the FreeType font library, which could lead to the execution of arbitrary code if a malformed font file is processed.

DSA-2069 znc - denial of service

12.07.2010 12:45 It was discovered that znc, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection.

DSA-2068 python-cjson - buffer overflow

12.07.2010 12:45 Matt Giuca discovered a buffer overflow in python-cjson, a fast JSON encoder/decoder for Python. This allows a remote attacker to cause a denial of service through a specially-crafted Python script.

DSA-2066 wireshark - several vulnerabilities

02.07.2010 08:45 Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that null pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code.

Předchozí měsíc (6. 2010)

Následující měsíc

Reklama

eshopMonitor.cz - internetové obchody

Přidejte si svůj eshop do našeho katalogu internetových obchodů zcela ZDARMA. Využijte principy SEO optimalizace zápisu obchodu. Publikujte novinky pomocí svého RSS zdroje. Zadávejte zdarma PR články bez omezení.

Hledej-hosting.cz - webhosting, multihosting

Přehled webhostingových a serverhostingových programů na českém trhu s možností jejich vyhledávání a porovnávání. Najděte si jednoduše vhodný hosting.