Ubuntu Essential and Critical Security Patch Updates - Page 374

Find the information you need for your favorite open source distribution.

Ubuntu 771-1: libmodplug vulnerabilities

It was discovered that libmodplug did not correctly handle certain parameters when parsing MED media files. If a user or automated system were tricked into opening a crafted MED file, an attacker could execute arbitrary code with privileges of the user invoking the program. (CVE-2009-1438) [More...]

Ubuntu 770-1: ClamAV vulnerability

A flaw was discovered in the clamav-milter initscript which caused the ownership of the current working directory to be changed to the 'clamav' user. This update attempts to repair the incorrect ownership for standard system directories, but it is recommended that the following command be performed to report any other directories that may be affected: [More...]

Ubuntu 769-1: libwmf vulnerability

Tavis Ormandy discovered that libwmf incorrectly used memory after it had been freed when using its embedded GD library. If a user or automated system were tricked into opening a crafted WMF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. [More...]

Ubuntu 765-1: Firefox and Xulrunner vulnerabilities

It was discovered that the upstream security fixes in USN-764-1 introduced a regression which could cause the browser to crash. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. [More...]

Ubuntu 767-1: FreeType vulnerability

Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges. [More...]

Ubuntu 764-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) [More...]

Ubuntu 762-1: APT vulnerabilities

Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become permanently disabled. (CVE-2009-1300) [More...]

Ubuntu 763-1: xine-lib vulnerabilities

It was discovered that the QT demuxer in xine-lib did not correctly handle a large count value in an STTS atom, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user invoking the program. (CVE-2009-1274) [More...]

Ubuntu 761-1: PHP vulnerabilities

It was discovered that PHP did not sanitize certain error messages when display_errors is enabled, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could [More...]

Ubuntu 757-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2007-6725) [More...]

Ubuntu 755-1: Kerberos vulnerabilities

Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service. [More...]