The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Squeeze

PHP: file creation via XSLT
When a PHP application processes a malicious XSLT file, an attacker can create a file on the system...
54446, BID-51806, CVE-2012-0057, DSA-2399-1, DSA-2399-2, openSUSE-SU-2012:0426-1, RHSA-2012:1045-01, RHSA-2012:1046-01, RHSA-2012:1047-01, SUSE-SU-2012:0411-1, SUSE-SU-2012:0472-1, SUSE-SU-2012:0496-1, VIGILANCE-VUL-11302
MySQL: several vulnerabilities of January 2012
Several vulnerabilities in Oracle MySQL are fixed by the January 2012 Critical Patch Update (CPU)...
BID-51488, BID-51493, BID-51502, BID-51503, BID-51504, BID-51505, BID-51506, BID-51507, BID-51508, BID-51509, BID-51510, BID-51511, BID-51512, BID-51513, BID-51514, BID-51515, BID-51516, BID-51517, BID-51518, BID-51519, BID-51520, BID-51521, BID-51522, BID-51523, BID-51524, BID-51525, BID-51526, CERTA-2012-AVI-024, cpujan2012, CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492, CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496, DSA-2429-1, FEDORA-2012-0972, FEDORA-2012-0987, JSA10601, openSUSE-SU-2012:0618-1, openSUSE-SU-2012:0619-1, RHSA-2012:0105-01, RHSA-2012:0127-01, sol14410, VIGILANCE-VUL-11296
Apache Tomcat: denial of service via several parameters
An attacker can send a query containing several parameters to Apache Tomcat, in order to overload the CPU...
c03183543, c03231290, CERTA-2012-AVI-479, CVE-2012-0022, DSA-2401-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, FEDORA-2012-7258, FEDORA-2012-7593, HPSBMU02747, HPSBUX02741, JSA10600, MDVSA-2012:085, RHSA-2012:0074-01, RHSA-2012:0075-01, RHSA-2012:0076-01, RHSA-2012:0077-01, RHSA-2012:0078-01, RHSA-2012:0091-01, RHSA-2012:0325-01, RHSA-2012:0345-02, RHSA-2012:0474-01, RHSA-2012:0475-01, RHSA-2012:0679-01, RHSA-2012:0680-01, RHSA-2012:0681-01, RHSA-2012:0682-01, RHSA-2012:1331-01, SSRT100728, SSRT100771, VIGILANCE-VUL-11290, VMSA-2012-0003.1, VMSA-2012-0005, VMSA-2012-0005.2, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013, VMSA-2012-0013.1
Apache Tomcat: information disclosure on previous sessions
In some cases, Apache Tomcat can return to an application some data belonging to the HTTP session of a previous user...
51872, BID-51442, CERTA-2012-AVI-025, CERTA-2012-AVI-479, CVE-2011-3375, DSA-2401-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, FEDORA-2012-7258, FEDORA-2012-7593, RHSA-2012:0681-01, RHSA-2012:0682-01, VIGILANCE-VUL-11289, VMSA-2012-0003.1, VMSA-2012-0005, VMSA-2012-0005.2, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013, VMSA-2012-0013.1
PHP: denial of service via Tidy diagnose
A local attacker can use the diagnose() method of the Tidy class, in order to dereference a NULL pointer, which stops the PHP interpreter...
BID-51992, CVE-2012-0781, DSA-2408-1, openSUSE-SU-2012:0426-1, RHSA-2012:1046-01, SUSE-SU-2012:0411-1, SUSE-SU-2012:0496-1, VIGILANCE-VUL-11284
PHP: denial of service via zend_strndup
A local attacker can use one of the functions using zend_strndup(), in order to dereference a NULL pointer, which stops the PHP interpreter...
BID-51417, c03368475, CVE-2011-4153, DSA-2408-1, HPSBUX02791, openSUSE-SU-2012:0426-1, RHSA-2012:1045-01, RHSA-2012:1046-01, RHSA-2012:1047-01, SSRT100856, SUSE-SU-2012:0411-1, SUSE-SU-2012:0472-1, SUSE-SU-2012:0496-1, VIGILANCE-VUL-11283
Apache httpd: denial of service via scoreboard
An attacker who runs code in an Apache httpd child process can change a value in the scoreboard, in order to force the parent process, which runs as root, to free an invalid memory area when the service stops, which may lead to code execution with root privileges...
BID-51407, c03231301, c03278391, CERTA-2012-AVI-026, CERTA-2012-AVI-225, CVE-2012-0031, DSA-2405-1, FEDORA-2012-1598, FEDORA-2012-1642, HPSBMU02748, HPSBUX02761, MDVSA-2012:012, openSUSE-SU-2012:0314-1, RHSA-2012:0128-01, RHSA-2012:0323-01, RHSA-2012:0542-01, RHSA-2012:0543-01, SOL15889, SSA:2012-041-01, SSRT100772, SSRT100823, SUSE-SU-2012:0284-1, SUSE-SU-2012:0323-1, VIGILANCE-VUL-11282
Linux kernel: denial of service via KVM syscall
An attacker, who is located in a KVM guest system, can run a malformed program, in order to stop the system...
BID-51389, CVE-2012-0045, DSA-2443-1, FEDORA-2012-0363, FEDORA-2012-0480, openSUSE-SU-2013:0927-1, RHSA-2012:0350-01, RHSA-2012:0422-01, SUSE-SU-2012:0616-1, VIGILANCE-VUL-11279
libxml2: buffer overflow via xmlStringLenDecodeEntities
An attacker can send long XML data to an application linked to libxml2, in order to stop it, and possibly to execute code...
771896, CERTA-2012-AVI-004, CERTA-2012-AVI-387, CERTA-2012-AVI-479, CERTA-2012-AVI-673, CVE-2011-3919, DSA-2019-197, DSA-2394-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, ESXi400-201209001, ESXi400-201209401-SG, ESXi410-201208101-SG, ESXi500-201207001, ESXi500-201207101-SG, FEDORA-2012-13820, FEDORA-2012-13824, MDVSA-2012:005, openSUSE-SU-2012:0107-1, PSN-2012-11-767, RHSA-2012:0016-01, RHSA-2012:0017-01, RHSA-2012:0018-01, RHSA-2012:0104-01, RHSA-2013:0217-01, SUSE-SU-2012:0117-1, SUSE-SU-2013:1625-1, SUSE-SU-2013:1627-1, VIGILANCE-VUL-11277, VMSA-2012-0003.1, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0012, VMSA-2012-0012.1, VMSA-2012-0012.2, VMSA-2012-0013, VMSA-2012-0013.1
Wireshark: several vulnerabilities
Several vulnerabilities in Wireshark can be used by a remote attacker to cause a denial of service or to execute code...
BID-51368, BID-51710, CVE-2012-0041, CVE-2012-0042, CVE-2012-0043, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068, DSA-2395-1, FEDORA-2012-0435, FEDORA-2012-0440, MDVSA-2012:015, openSUSE-SU-2012:0295-1, RHSA-2012:0509-01, RHSA-2013:0125-01, VIGILANCE-VUL-11273, wnpa-sec-2012-01, wnpa-sec-2012-02, wnpa-sec-2012-03