Advisory: Gentoo Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
enscript suffers from vulnerabilities and design flaws, potentially resulting in the execution of arbitrary code.
UW IMAP contains a vulnerability in the code handling CRAM-MD5 authentication allowing authentication bypass.
FireHOL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
ClamAV contains two vulnerabilities that could lead to Denial of Service and evasion of virus scanning.
Gallery is vulnerable to cross-site scripting attacks.
The ncpfs utilities contain multiple flaws, potentially resulting in the remote execution of arbitrary code or local file access with elevated privileges.
f2c is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
VDR insecurely accesses files with elevated privileges, which may result in the overwriting of arbitrary files.
A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.
ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code.
SquirrelMail fails to properly sanitize user input, which could lead to arbitrary code execution and compromise webmail accounts.
GraphicsMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.
An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.
Konversation contains multiple vulnerabilities that could lead to remote command execution or information leaks.
MySQL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.
KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code.
teTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow the remote execution of arbitrary code. Furthermore, the xdvizilla script is vulnerable to temporary file handling issues.
CUPS includes Xpdf code and therefore is vulnerable to the recent stack overflow issue, potentially resulting in the remote execution of arbitrary code.
Mailman is vulnerable to cross-site scripting attacks.
A stack overflow was discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issue.