The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Stretch

PHP: double free of SplObjectStorage
When a PHP application unserializes malicious SplObjectStorage data, a double free occurs, which can lead to code execution...
605641, BID-40948, CERTA-2002-AVI-279, CVE-2010-2225, DSA-2089-1, FEDORA-2010-11428, FEDORA-2010-11481, MDVSA-2010:139, MDVSA-2010:140, MOPS-2010-061, openSUSE-SU-2010:0599-1, openSUSE-SU-2010:0678-1, SSA:2010-240-04, SUSE-SR:2010:017, SUSE-SR:2010:018, VIGILANCE-VUL-9728
CUPS: several vulnerabilities
An attacker can use several vulnerabilities in CUPS to cause a denial of service, to obtain information, or to execute code...
BID-40943, BID-41126, BID-41131, CERTA-2010-AVI-265, CERTA-2010-AVI-275, CVE-2010-0302, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, DSA-2176-1, FEDORA-2010-10066, FEDORA-2010-10101, FEDORA-2010-10388, MDVSA-2010:232, MDVSA-2010:233, MDVSA-2010:234, MDVSA-2011:146, openSUSE-SU-2010:1018-1, openSUSE-SU-2010:1053-1, RHSA-2010:0490-01, RHSA-2010:0811-01, SSA:2010-176-05, STR #3480, STR #3490, STR #3510, STR #3516, STR #3518, STR #3577, SUSE-SR:2010:023, SUSE-SU-2011:1136-1, SUSE-SU-2011:1136-2, SUSE-SU-2011:1141-1, SUSE-SU-2011:1149-1, VIGILANCE-VUL-9716
LibTIFF: several vulnerabilities
An attacker can invite the victim to open a malicious TIFF image, in order to cause a denial of service or to execute code in applications linked to LibTIFF...
2207, 2208, 2209, 2210, 2215, 2216, 589145, 591605, BID-41088, BID-41295, BID-41475, BID-41477, BID-41480, CVE-2010-2233, CVE-2010-2443, CVE-2010-2481, CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2596, CVE-2010-2597, CVE-2010-2630, CVE-2010-2631, DLA-610-1, DLA-610-2, DSA-2552-1, FEDORA-2010-10333, FEDORA-2010-10334, KB27244, MDVSA-2010:145, MDVSA-2010:146, RHSA-2010:0519-01, RHSA-2014:0222-01, VIGILANCE-VUL-9727
Linux kernel: file reading on XFS
On an XFS filesystem, when a file is in write-only mode, a local attacker can use the SWAPEXT ioctl to read the file...
BID-40920, CVE-2010-2226, DSA-2094-1, FEDORA-2010-13110, MDVSA-2010:188, MDVSA-2010:198, openSUSE-SU-2010:0664-1, RHSA-2010:0610-01, SUSE-SA:2010:046, SUSE-SA:2010:060, SUSE-SA:2011:007, SUSE-SU-2011:0928-1, VIGILANCE-VUL-9714, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2
Samba: buffer overflow of chain_reply
An unauthenticated attacker can send a malicious SMB query to trigger a buffer overflow in Samba, leading to a denial of service or to code execution...
BID-40884, c02627925, c02787667, CERTA-2002-AVI-268, CERTA-2010-AVI-266, CERTA-2011-AVI-174, CVE-2010-2063, DSA-2061-1, HPSBUX02609, HPSBUX02657, MDVSA-2010:119, RHSA-2010:0488-01, SSA:2010-169-01, SSRT100147, SSRT100460, SUSE-SA:2010:025, SUSE-SR:2010:014, VIGILANCE-VUL-9712, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3
Linux kernel: denial of service of tty_fasync
A local attacker can trigger a deadlock in tty_fasync(), in order to stop the system...
BID-40867, CVE-2009-4895, DSA-2094-1, VIGILANCE-VUL-9710
libtiff: integer overflow of FAX3
An attacker can invite the victim to open a malicious compressed TIFF image in FAX3 format, in order to execute code in applications linked to libtiff...
BID-40823, CERTA-2002-AVI-279, CERTA-2010-AVI-262, CVE-2010-1411, DSA-2084-1, FEDORA-2010-10333, FEDORA-2010-10334, FEDORA-2010-10359, FEDORA-2010-10460, FEDORA-2010-10469, MDVSA-2010:145, MDVSA-2010:146, RHSA-2010:0519-01, RHSA-2010:0520-01, SSA:2010-180-02, SUSE-SR:2010:014, VIGILANCE-VUL-9706
libwww-perl, lftp, wget: file creation
An attacker who controls a malicious web site can return an HTTP redirect to the libwww-perl, lftp or wget tools, in order to force them to create a file with another name...
CERTA-2002-AVI-279, CERTA-2010-AVI-361, CVE-2010-2251, CVE-2010-2252, CVE-2010-2253, DSA-2085-1, DSA-2088-1, FEDORA-2010-15405, FEDORA-2010-15532, FEDORA-2010-9819, MDVSA-2010:128, MDVSA-2010:167, MDVSA-2010:170, oCERT-2010-001, RHSA-2010:0585-01, RHSA-2014:0151-01, SUSE-SR:2010:014, VIGILANCE-VUL-9648
Apache Tomcat: several vulnerabilities
An attacker can use several vulnerabilities in Apache Tomcat to cause a denial of service or to obtain information...
263529, 6848375, 6849727, BID-35193, BID-35196, BID-35263, BID-35416, c01908935, c02181353, c02515878, CERTA-2009-AVI-211, CERTA-2010-AVI-220, CERTA-2011-AVI-169, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0783, DSA-2207-1, FEDORA-2009-11352, FEDORA-2009-11356, FEDORA-2009-11374, HPSBMA02535, HPSBUX02466, HPSBUX02579, KB25966, MDVSA-2009:136, MDVSA-2009:138, MDVSA-2009:163, MDVSA-2010:176, PSN-2012-05-584, RHSA-2009:1143-01, RHSA-2009:1144-01, RHSA-2009:1145-01, RHSA-2009:1146-01, RHSA-2009:1164-01, RHSA-2009:1454-01, RHSA-2009:1506-01, RHSA-2009:1562-01, RHSA-2009:1563-01, RHSA-2009:1616-01, RHSA-2009:1617-01, RHSA-2010:0602-02, SSRT090192, SSRT100029, SSRT100203, SUSE-SR:2009:012, SUSE-SR:2010:008, VIGILANCE-VUL-8762, VMSA-2009-0016, VMSA-2009-0016.1, VMSA-2009-0016.2, VMSA-2009-0016.3, VMSA-2009-0016.4, VMSA-2009-0016.5
Wireshark: several vulnerabilities
A remote attacker can use several vulnerabilities in Wireshark to cause a denial of service or to execute code...
4734, 4826, 4837, BID-40728, CERTA-2002-AVI-268, CERTA-2010-AVI-260, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, DSA-2066-1, FEDORA-2010-13416, FEDORA-2010-13427, MDVSA-2010:113, openSUSE-SU-2011:0010-1, openSUSE-SU-2011:0010-2, RHSA-2010:0625-01, SUSE-SR:2011:001, SUSE-SR:2011:002, SUSE-SR:2011:007, VIGILANCE-VUL-9700