Download
| Alert*
oval:org.mitre.oval:def:7234
Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files an ... oval:org.secpod.oval:def:600088 Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files an ... oval:org.secpod.oval:def:3819 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a file that contains crafted localization data with format string specifiers. Successful exploitation could allow a local ... oval:org.secpod.oval:def:300196 Multiple vulnerabilities has been found and corrected in cups: CUPS in does not properly handle HTTP headers and HTML templates, which allows remote attackers to conduct cross-site scripting attacks and HTTP response splitting attacks via vectors related to the product"s web interface, the conf ... oval:org.secpod.oval:def:300008 Multiple vulnerabilities has been found and corrected in cups: CUPS in does not properly handle HTTP headers and HTML templates, which allows remote attackers to conduct cross-site scripting attacks and HTTP response splitting attacks via vectors related to the product"s web interface, the conf ... oval:org.secpod.oval:def:700116 It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. Ronald Volgers discovered that ... oval:org.secpod.oval:def:3869 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-29-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers t ... |