
A heap-based buffer overflow flaw was found in how the X.org server handled malformed font files that could allow a malicious local user to potentially execute arbitrary code with the privileges of the X.org server. The updated packages have been patched to correct this issue.

An input validation flaw was found in the X.org server's XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service, or potentially execute arbitrary code with root privileges on the X.org server. A flaw was found in the X.org server's XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that ...

A vulnerability has been found and corrected in cyrus-imapd: The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service via a crafted References header in an e-mail message. The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in fcgi: The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in freeradius: The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked X.509 client certificate. The updated packages have been patched to correct this issue.

The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle crafted input. Successful exploitation could allow attackers to overflow the buffer, execute arbitrary code or crash the service.

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to so ...

The host is installed with Microsoft Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8, Windows 8.1, Server 2012 or Server 2012 R2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle failed logon attempts. Successful exploitation could allow an attacker to bypass the audit logon security feature.



© SecPod Technologies