The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Squeeze

libtiff: integer overflow of tiff2pdf
An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to cause a denial of service or to execute code...
BID-54076, CERTA-2012-AVI-343, CVE-2012-2113, DSA-2552-1, FEDORA-2012-10081, FEDORA-2012-10089, JSA11023, MDVSA-2012:101, MDVSA-2013:046, openSUSE-SU-2012:0829-1, RHSA-2012:1054-01, SSA:2013-290-01, SUSE-SU-2012:0894-1, VIGILANCE-VUL-11725
ModSecurity: bypassing rules with PHP
An attacker can use a specially crafted HTTP multipart/form-data request, in order to bypass security rules of ModSecurity...
BID-54156, CVE-2012-2751, DSA-2506-1, FEDORA-2012-9824, MDVSA-2012:118, MDVSA-2012:182, openSUSE-SU-2013:1331-1, openSUSE-SU-2013:1336-1, openSUSE-SU-2013:1342-1, VIGILANCE-VUL-11719
Xen, Citrix XenServer, BSD, Windows: privilege elevation in PV 64-bit Intel
An administrator in a paravirtualized 64-bit guest system can use the SYSRET instruction with an invalid RIP, in order to execute code on a host system with a 64-bit Intel processor...
2711167, CERTA-2012-AVI-328, CERTA-2012-AVI-334, CTX133161, CVE-2012-0217, DSA-2501-1, DSA-2508-1, FEDORA-2012-9386, FEDORA-2012-9399, FEDORA-2012-9430, FreeBSD-SA-12:04.sysret, MS12-042, NetBSD-SA2012-003, openSUSE-SU-2012:0886-1, RHSA-2012:0720-01, RHSA-2012:0721-01, SUSE-SU-2012:0730-1, VIGILANCE-VUL-11693, VU#649219, XSA-7, XSA-8
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-53946, BID-53947, BID-53948, BID-53949, BID-53950, BID-53951, BID-53952, BID-53953, BID-53954, BID-53956, BID-53958, BID-53959, BID-53960, c03441075, CERTA-2012-AVI-331, CERTA-2012-AVI-452, CERTA-2012-AVI-607, CERTA-2012-AVI-666, CVE-2012-0551, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1720, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725, CVE-2012-1726, DSA-2507-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, FEDORA-2012-9541, FEDORA-2012-9545, FEDORA-2012-9590, FEDORA-2012-9593, HPSBUX02805, IC87301, javacpujun2012, MDVSA-2012:095, openSUSE-SU-2012:0828-1, PM65379, RHSA-2012:0729-01, RHSA-2012:0730-01, RHSA-2012:0734-01, RHSA-2012:1009-01, RHSA-2012:1019-01, RHSA-2012:1238-01, RHSA-2012:1243-01, RHSA-2012:1245-01, RHSA-2012:1289-01, RHSA-2012:1332-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100919, SUSE-SU-2012:0762-1, SUSE-SU-2012:1177-1, SUSE-SU-2012:1177-2, SUSE-SU-2012:1204-1, SUSE-SU-2012:1231-1, SUSE-SU-2012:1264-1, SUSE-SU-2012:1265-1, SUSE-SU-2012:1475-1, swg21615246, swg21617572, swg21632667, swg21632668, swg21633991, swg21633992, VIGILANCE-VUL-11703, VMSA-2012-0003.1, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013.1, ZDI-12-142, ZDI-12-189
Xen, Citrix XenServer: denial of service via AMD
An attacker in a paravirtualized 64-bit guest system can use a vulnerability of some AMD processors, in order to stop the host system...
BID-53961, CERTA-2012-AVI-328, CVE-2012-2934, DSA-2501-1, FEDORA-2012-9386, FEDORA-2012-9399, FEDORA-2012-9430, openSUSE-SU-2012:0886-1, openSUSE-SU-2012:1572-1, openSUSE-SU-2012:1573-1, RHSA-2012:0721-01, SUSE-SU-2012:0730-1, VIGILANCE-VUL-11695, XSA-9
Xen, Citrix XenServer: denial of service via GPF
An attacker in a paravirtualized guest system can use the SYSENTER/SYSCALL instruction, in order to force the host to send a General Protection Fault to the guest...
BID-53955, CERTA-2012-AVI-328, CTX133161, CVE-2012-0218, DSA-2501-1, FEDORA-2012-9386, FEDORA-2012-9399, FEDORA-2012-9430, openSUSE-SU-2012:0886-1, SUSE-SU-2012:0730-1, VIGILANCE-VUL-11694, XSA-7, XSA-8
NSS: denial of service via DER
An attacker can send ASN.1 items encoded as DER with a zero length, in order to stop applications linked to the NSS library...
CERTA-2012-AVI-663, CVE-2012-0441, DSA-2490-1, ESX410-201211001, ESX410-201211401-SG, ESX410-201211402-SG, ESX410-201211405-SG, ESX410-201211407-SG, RHSA-2012:1090-01, RHSA-2012:1091-01, VIGILANCE-VUL-11683, VMSA-2012-0016
ISC DHCP: denials of service
An attacker can generate two denials of service in ISC DHCP, in order to stop it...
CVE-2011-4539, CVE-2011-4868, DSA-2516-1, DSA-2519-1, DSA-2519-2, SSA:2012-237-01, VIGILANCE-VUL-11679
Firefox, Thunderbird, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox, Thunderbird and SeaMonkey can be used by an attacker to execute code on the victim's computer...
BID-53791, BID-53792, BID-53793, BID-53794, BID-53796, BID-53797, BID-53798, BID-53799, BID-53800, BID-53801, BID-53807, CERTA-2012-AVI-307, CVE-2011-3101, CVE-2012-0441, CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941, CVE-2012-1942, CVE-2012-1943, CVE-2012-1944, CVE-2012-1945, CVE-2012-1946, CVE-2012-1947, CVE-2012-3105, DSA-2488-1, DSA-2489-1, DSA-2499-1, FEDORA-2012-8937, FEDORA-2012-9001, FEDORA-2012-9037, FEDORA-2012-9079, FEDORA-2012-9087, MDVSA-2012:088, MDVSA-2012:088-1, MFSA 2012-34, MFSA 2012-35, MFSA 2012-36, MFSA 2012-37, MFSA 2012-38, MFSA 2012-39, MFSA 2012-40, openSUSE-SU-2012:0760-1, openSUSE-SU-2014:1100-1, RHSA-2012:0710-01, RHSA-2012:0715-01, SSA:2012-166-02, SSA:2012-166-03, SSA:2012-166-04, SUSE-SU-2012:0746-1, VIGILANCE-VUL-11677
PostgreSQL: denial of service via SECURITY DEFINER and SET
An attacker can create a special function, and then call it, in order to stop PostgreSQL...
BID-53812, CERTA-2012-AVI-310, CVE-2012-2655, DSA-2491-1, FEDORA-2012-8893, FEDORA-2012-8915, FEDORA-2012-8924, MDVSA-2012:092, openSUSE-SU-2012:1251-1, openSUSE-SU-2012:1288-1, openSUSE-SU-2012:1299-1, RHSA-2012:1036-01, RHSA-2012:1037-01, SUSE-SU-2012:1021-1, SUSE-SU-2012:1336-1, VIGILANCE-VUL-11675