[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256488

 
 

256488

 
 

282

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6651 Download | Alert*

Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.

Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB to crash. The oldstable distribution , is not affected by this issue.

It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. The oldstable distribution is not affected by this problem.

Jon Erickson of iSIGHT Partners Labs discovered a heap overflow in xml-security-c, an implementation of the XML Digital Security specification. The fix to address CVE-2013-2154 introduced the possibility of a heap overflow in the processing of malformed XPointer expressions in the XML Signature Reference processing code, possibly leading to arbitrary code execution.

Daniel P. Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats function could lead to denial of service. The oldstable distribution is not affected.

Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code.

It was discovered that missing input saniting in Snoopy, a PHP class that simulates a web browser may result in the execution of arbitrary commands.

Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by the ruby-i18n package. The oldstable distribution is not affected by this problem; the libi18n-ruby package does not contai ...

Bryan Quigley discovered an integer underflow in Pixman which could lead to denial of service or the execution of arbitrary code.

Florian Weimer discovered a buffer overflow in udisks"s mount path parsing code which may result in privilege escalation.


Pages:      Start    442    443    444    445    446    447    448    449    450    451    452    453    454    455    ..   665

© SecPod Technologies