It was discovered that KGet did not properly perform input validation whenprocessing metalink files. If a user were tricked into opening a craftedmetalink file, a remote attacker could overwrite files via directorytraversal, which could eventually lead to arbitrary code execution. [More...]
It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. (CVE-2009-1284) [More...]
Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. [More...]
Marc Schoenefeld discovered a buffer overflow in Netpbm when loadingcertain images. If a user or automated system were tricked into opening aspecially crafted XPM image, a remote attacker could crash Netpbm. Thedefault compiler options for affected releases should reduce thevulnerability to a denial of service. [More...]
It was discovered that PostgreSQL did not properly sanitize its input whenusing substring() with a SELECT statement. A remote authenticated attackercould exploit this to cause a denial of service via application crash. [More...]
USN-931-1 fixed vulnerabilities in FFmpeg. The update introduced a regression when trying to play certain multimedia files. This update fixes the problem.
USN-929-1 fixed vulnerabilities in irssi. The upstream changes introduced a regression when using irssi with SSL and an IRC proxy. This update fixes the problem.
Sebastian Krahmer discovered a race condition in the KDE Display Manager(KDM). A local attacker could exploit this to change the permissions onarbitrary files, thus allowing privilege escalation.
It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. [More...]
It was discovered that irssi did not perform certificate host validationwhen using SSL connections. An attacker could exploit this to perform a manin the middle attack to view sensitive information or alter encryptedcommunications. (CVE-2010-1155) [More...]
Valerio Costamagna discovered that sudo did not properly validate the pathfor the 'sudoedit' pseudo-command when the PATH contained only a dot ('.').If secure_path and ignore_dot were disabled, a local attacker could exploitthis to execute arbitrary code as root if sudo was configured to allow theattacker to use sudoedit. By default, secure_path is used and the sudoedit [More...]
USN-927-1 fixed vulnerabilities in NSS. Due to upstream changes in NSS3.12.6, Thunderbird would be unable to initialize the security componentand connect with SSL/TLS if the old libnss3-0d transition package wasinstalled. This update fixes the problem. [More...]
USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added anadditional checksum verification on libnssdbm3.so, but the Ubuntu packagingdid not create this checksum. As a result, Firefox could not initialize thesecurity component when the NSS Internal FIPS PKCS #11 Module was enabled.This update fixes the problem. [More...]
Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discoveredflaws in the browser engine of Firefox. If a user were tricked into viewinga malicious website, a remote attacker could cause a denial of service orpossibly execute arbitrary code with the privileges of the user invokingthe program. (CVE-2010-0174) [More...]
Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discoveredflaws in the browser engine of Firefox. If a user were tricked into viewinga malicious website, a remote attacker could cause a denial of service orpossibly execute arbitrary code with the privileges of the user invokingthe program. (CVE-2010-0173, CVE-2010-0174) [More...]
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3protocols. If an attacker could perform a man in the middle attack at thestart of a TLS connection, the attacker could inject arbitrary content atthe beginning of the user's session. This update adds support for the newnew renegotiation extension and will use it when the server supports it. [More...]
It was discovered that ClamAV did not properly verify its input whenprocessing CAB files. A remote attacker could send a specially craftedCAB file to evade malware detection. (CVE-2010-0098)
It was discovered that MoinMoin did not properly sanitize its input whenprocessing Despam actions, resulting in cross-site scripting (XSS)vulnerabilities. If a privileged wiki user were tricked into performingthe Despam action on a page with a crafted title, a remote attacker couldexploit this to execute JavaScript code. (CVE-2010-0828) [More...]
