Section: .. / 0708-advisories /
| /// File Name: |
sa26572.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26572/ | | File Size: | 12966 | | Last Modified: | Aug 28 04:13:22 2007 |
| MD5 Checksum: | 1422766a1bebbbe6a72532bba0028c57 |
|
| /// File Name: |
USN-503-1.txt |
Description:
|
Ubuntu Security Notice 503-1 - Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious email, an attacker could execute helpers with arbitrary arguments with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12955 | | Related CVE(s): | CVE-2007-3670, CVE-2007-3734, CVE-2007-3735, CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 27 17:24:38 2007 |
| MD5 Checksum: | 2c06cd51d5fdc140e11897c175c68979 |
|
| /// File Name: |
MDKSA-2007-151.txt |
Description:
|
Mandriva Linux Security Advisory - A number of format string flaws have been discovered in how Qt handled error messages by Dirk Mueller and Tracey Parry of Portcullis Computer Security. If an application linked against Qt created an error message from user-supplied data in a certain way, it could possibly lead to the execution of arbitrary code or a denial of service.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12281 | | Related CVE(s): | CVE-2007-3388 | | Last Modified: | Aug 8 07:02:33 2007 |
| MD5 Checksum: | 9ec9446759f68678fe951a1f04c4e0e2 |
|
| /// File Name: |
dsa-1347-1.txt |
Description:
|
Debian Security Advisory 1347-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened.
| | Homepage: | http://www.debian.org/security | | File Size: | 11321 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 8 09:05:20 2007 |
| MD5 Checksum: | 6e81cd34eb66063cb5d67128be2c9024 |
|
| /// File Name: |
USN-498-1.txt |
Description:
|
Ubuntu Security Notice 498-1 - David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 11163 | | Related CVE(s): | CVE-2007-3106, CVE-2007-4029 | | Last Modified: | Aug 16 10:56:59 2007 |
| MD5 Checksum: | 1fa171cc33091ba997a41481db0d9703 |
|
| /// File Name: |
SSRT071456.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 10848 | | Last Modified: | Aug 23 23:17:10 2007 |
| MD5 Checksum: | 10c88caf777d574c87c69af08736ea0e |
|
| /// File Name: |
sa26292.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xpdf. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26292/ | | File Size: | 10706 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | 75f04efc162e05effb4042749d1c079b |
|
| /// File Name: |
USN-504-1.txt |
Description:
|
Ubuntu Security Notice 504-1 - Hendrik Tews discovered that emacs21 did not correctly handle certain GIF images. By tricking a user into opening a specially crafted GIF, a remote attacker could cause emacs21 to crash, resulting in a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 10456 | | Related CVE(s): | CVE-2007-2833 | | Last Modified: | Aug 29 06:38:05 2007 |
| MD5 Checksum: | 32db6a6ba52b0c954ddff36b5563f85a |
|
| /// File Name: |
ircu-multi.txt |
Description:
|
Ircu, the open source IRC server, is susceptible to multiple vulnerabilities.
| | Author: | Wouter Coekaerts | | File Size: | 9913 | | Last Modified: | Aug 14 05:25:20 2007 |
| MD5 Checksum: | 866874bb6b3a4a534b530e1329122792 |
|
| /// File Name: |
MDKSA-2007-171.txt |
Description:
|
Mandriva Linux Security Advisory - Some vulnerabilities have been discovered and corrected in the Linux 2.6 kernel.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9877 | | Related CVE(s): | CVE-2006-5755, CVE-2006-7203, CVE-2007-1496, CVE-2007-1497, CVE-2007-1861, CVE-2007-2172, CVE-2007-2242, CVE-2007-2453, CVE-2007-2525, CVE-2007-2875, CVE-2007-2876 | | Last Modified: | Aug 29 06:36:35 2007 |
| MD5 Checksum: | 02cc4798552436a0a839fc77777adec4 |
|
| /// File Name: |
dsa-1344-1.txt |
Description:
|
Debian Security Advisory 1344-1 - "moz_bug_r_a4" discovered that a regression in the handling of "about:blank" windows used by addons may lead to an attacker being able to modify the content of web sites. Jesper Johansson discovered that missing sanitizing of double-quotes and spaces in URIs passed to external programs may allow an attacker to pass arbitrary arguments to the helper program if the user is tricked into opening a malformed web page.
| | Homepage: | http://www.debian.org/security | | File Size: | 9868 | | Related CVE(s): | CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 8 08:41:31 2007 |
| MD5 Checksum: | 1b6b5a0421d7a7c2b6889a9caf645b64 |
|
| /// File Name: |
sa26516.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for jasper. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26516/ | | File Size: | 9630 | | Last Modified: | Aug 21 22:07:00 2007 |
| MD5 Checksum: | 6733cba88edbc8911307c978bf3a7f7b |
|
| /// File Name: |
sa26308.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/26308/ | | File Size: | 9545 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | d480b388c5abdc8f2d5576c19c45b640 |
|
| /// File Name: |
TISA-2007-09-Public.txt |
Description:
|
Team Intell Security Advisory TISA2007-09-Public - Microsoft Windows suffers from multiple improper file path handling issues.
| | Author: | Maldin d.o.o | | Homepage: | http://www.teamintell.com/ | | File Size: | 9402 | | Last Modified: | Aug 30 10:10:09 2007 |
| MD5 Checksum: | 65a5036b96d93b9e78d3e9adc4ecc4f1 |
|
| /// File Name: |
dsa-1350-1.txt |
Description:
|
Debian Security Advisory 1350-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. tetex-bin includes a copy of the xpdf code and required an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 9195 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 8 09:28:34 2007 |
| MD5 Checksum: | cad9e69d6d7884146a02903695c20b11 |
|
| /// File Name: |
USN-501-1.txt |
Description:
|
Ubuntu Security Notice 501-1 - It was discovered that Jasper did not correctly handle corrupted JPEG2000 images. By tricking a user into opening a specially crafted JPG, a remote attacker could cause the application using libjasper to crash, resulting in a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9183 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Aug 21 22:53:13 2007 |
| MD5 Checksum: | 18edf90bd95d39f3b3040bf19cf030b2 |
|
| /// File Name: |
sa26468.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for koffice. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26468/ | | File Size: | 9001 | | Last Modified: | Aug 15 21:37:35 2007 |
| MD5 Checksum: | 7f99106ed0d8980a4369bc7467154bf0 |
|
| /// File Name: |
ASA-2007-019.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE" packet where the capabilities count is greater than the total number of items in the capabilities_res_message array. Note that this requires an authenticated session.
| | Author: | Wei Wang, Jason Parker | | Homepage: | http://www.asterisk.org/security | | File Size: | 8963 | | Last Modified: | Aug 8 10:05:50 2007 |
| MD5 Checksum: | e798ca193e72739ce8e5faa034a34d2a |
|
| /// File Name: |
sa26306.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for qt3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26306/ | | File Size: | 8906 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | 1ba1dab739cf1dacb92b4e5d23ee248c |
|
| /// File Name: |
sa26335.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26335/ | | File Size: | 8849 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | de5180f13e0403605b4399d815fba028 |
|
| /// File Name: |
dsa-1349-1.txt |
Description:
|
Debian Security Advisory 1349-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. libextractor includes a copy of the xpdf code and required an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 8753 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 8 09:17:12 2007 |
| MD5 Checksum: | 4e547b20a0fce299ec88f2efd0304a27 |
|
| /// File Name: |
HPSBMA02239.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
| | Homepage: | http://www.hp.com | | File Size: | 8732 | | Last Modified: | Aug 14 06:03:16 2007 |
| MD5 Checksum: | c37e3ec73f9dbfb81720bb650d48b155 |
|
| /// File Name: |
sa26235.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
| | Homepage: | http://secunia.com/advisories/26235/ | | File Size: | 8650 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | 6b3a1dd76899de042666fcaa73f5e69c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
