Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.
Several vulnerabilities have been identified in Gnash, the GNU Flash player. CVE-2012-1175 Tielei Wang from Georgia Tech Information Security Center discovered a vulnerability in GNU Gnash which is caused due to an integer overflow error and can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted SWF file. CVE-2011-4328 Alexander Kurtz discovered ...
Two vulnerabilities have been discovered in KVM, a solution for full virtualization on x86 hardware: CVE-2011-0011 Setting the VNC password to an empty string silently disabled all authentication. CVE-2011-1750 The virtio-blk driver performed insufficient validation of read/write I/O from the guest instance, which could lead to denial of service or privilege escalation. The oldstable distribution ...
It was discovered that OpenOffice.org would not properly process crafted document files, possibly leading to arbitrary code execution. CVE-2012-1149 Integer overflows in PNG image handling CVE-2012-2334 Integer overflow in operator new[] invocation and heap-based buffer overflow inside the MS-ODRAW parser
Nelson Elhage discovered that incorrect memory handling during the removal of ISA devices in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service of the execution of arbitrary code.
It was discovered that incorrect sanitising of virtio queue commands in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service of the execution of arbitrary code. The oldstable distribution is not affected by this problem.
Two vulnerabilities have been discovered in KVM, a solution for full virtualization on x86 hardware: CVE-2011-2212 Nelson Elhage discovered a buffer overflow in the virtio subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2527 Andrew Griffiths discovered that group privileges were insufficiently dropped when started with -runas option, resulting in privilege escala ...
Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.