KDE Security Advisory: Two flaws in the Konqueror webbrowser make it possible to by pass the sandbox environment which is used to run Java-applets. One flaw allows access to restricted Java classes via JavaScript, making it possible to escalate the privileges of the Java-applet. The other problem is that Konqueror fails to correctly restrict access to certain Java classes from the Java-applet itself. All versions of KDE up to KDE 3.3.1 inclusive. KDE 3.3.2 is not affected.
2ed5ada9061438c8f6796da3847fe6c906ed5e2cd6dc24c94bc73b1a1b3d2856Tlen.pl versions 5.23.4.1 and below suffer from a remote script execution vulnerability.
e8ca200d31b825e6ab2973601348deb5fb5ffa6c0c79b7ae7681ef26fa074147Debian Security Advisory 612-1 - Rudolf Polzer discovered a vulnerability in a2ps, a converter and pretty-printer for many formats to PostScript. The program did not escape shell meta characters properly which could lead to the execution of arbitrary commands as a privileged user if a2ps is installed as a printer filter.
b7d1671381767fda539331d6422257d72f2e054e15ea8637476d61b928dcd473Local root command execution exploit for lsmcode on AIX 5.1 to 5.3.
f5cc29c4fb8cdca062ee8c5e01582bb164ea0a05f38739d127cee434d942da65Local stack overflow exploit for /usr/bin/paginit on AIX versions 5.3/5.2/5.1.
96daabcb7704d3134301534a67ddb750fa81b4bdb6e70696c1118f492037d3a9HP Security Bulletin - A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. Affected versions are HP-UX B.11.00, B.11.04, B.11.11.
d8ef72d09d9f76a79ac2bb34ee9f9261bf8e887a3660036d2bf151384a01fb3fDebian Security Advisory 611-1 - infamous41md discovered a buffer overflow in htget, a file grabber that will get files from HTTP servers. It is possible to overflow a buffer and execute arbitrary code by accessing a malicious URL.
511fb334e4db231517cbb485ce524703f96e7f54faf131445aa81bad7591e658A buffer overflow in UnRTF version 0.19.3 may allow for system compromise.
ed8e15b1ff29f2b48ade8b0266ace04da74771910cada6b1022271ca4515fc76A buffer overflow vulnerability in the YAMT 0.5 id3tag_sort() function can lead to a system compromise.
1c71d04732d85755d294beb6c3cb7d2555831537db575c19bf857787cdad2df5Vilistextum version 2.6.6 is susceptible to a buffer overflow in the get_attr() function.
3647ccca69811067c47b4f3ca914498ff7ba6d96d57aa902ef52f5d4d65c7f20xlreader version 0.9.0 is susceptible to a buffer overflow condition in the book_format_sql() function.
24823c2b3a25e369e195d3e131c64fa7dc46b58fb25a2375c5797b7a36fdb1c9A buffer overflow in the vb2c 0.02 parse() function allows for system compromise.
71cadaf06edac8de52c4c0639698cb6e06a9945c1355327b359fc56a7bcdffeauml-utilities version 20030903 is susceptible to a denial of service vulnerability via the uml-net utility running setuid root and being able to take down the system's ethernet connection.
7865d6b62e1c5ca1c01ea1e07943af6e336d6ed25181b424183688b18bcc1236Buffer overflow vulnerabilities in the getline() and get_holiday() functions of Pcal version 4.7.1 may allow for system compromise.
c81e9520fea6b7e040203920de07de941f9a4423b4a4dd6af30cd1cfcf986f1cMeshViewer 0.2.2 is susceptible to a buffer overflow vulnerability in the Mesh::type() function.
48c500c50c1bdc659ae3eb5f23851995fdf87cfd73bdce583224eebeb01ecb60NapShare version 1.2 is susceptible to a buffer overflow in the auto_filter_extern() function.
9f6268214b9c62aab2bae9c43665803556fe9133330989fdc005d563fb473609Ringtone Tools version 2.22 is susceptible to a buffer overflow in the parse_emelody() function.
0913841787d40062b8ee4df0ada5efe1147d121c51613149421228d9de960439LinPopUp version 1.2.0 has a buffer overflow in the strexpand() function.
d31de35666d78f705405cfb23c8c4a2a6ffc96ab00efea6d5a9f7692f2a7ccb4o3read version 0.0.3 suffers from a buffer overflow condition in the parse_html() function used when parsing HTML content.
db690ba8a5fb9f6261dc6bc447acbbda88abdeeb6d4898680a7bcd3cc9f2c0e1jpegtoavi version 1.5 is susceptible to a buffer overflow in the get_file_list_stdin() function.
6aa04b2b8cb6f9f6ed955f347b513ea25c78b28773707235e13381e33f38860cBolthole Filter 2.6.1 is susceptible to a buffer overflow in the save_embedded_address() function.
e81216105c9e6872a277520889e10eb6ed145339886c78f8534bc7ae33ead91aMultiple input validation errors exist in Junkie version 0.3.1 that allow for command execution and directory traversal attacks.
62c04fabfebf6a62c0a093fc92f44b9279d6ed4eeb501753bbdb2d443f62d682An input validation error that allows for arbitrary command execution and a buffer overflow exist in Greed 0.81p.
e30923d99ec472108172de0dad85a10cd5cd9e6a8d7e7de0283bcf056e33a5faIglooFTP version 0.6.1 suffers from an input validation error that allows for arbitrary file overwrite.
8b10bb047065530990fe3e2cad18f6a45589fd414a2c475d573a9bff11963029A weakness when uploading directories recursively can potentially be exploited by malicious, local users to substitute the uploaded files in IglooFTP version 0.6.1.
f9196ada991d3ff2e19aff394388176d2abd752aa76bdc0a2dfb9da562f0fa39
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed