The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Stretch

Evince: buffer overflow via DVI AFM linetoken
An attacker can invite the victim to open a malicious DVI file with Evince, in order to execute code on his computer...
640923, BID-47168, CVE-2011-0433, DSA-2388-1, FEDORA-2012-0266, FEDORA-2012-0289, MDVSA-2012:004, MDVSA-2012:144, openSUSE-SU-2011:0279-1, openSUSE-SU-2012:0559-1, RHSA-2012:0062-01, RHSA-2012:0137-01, RHSA-2012:1201-01, SUSE-SR:2011:006, SUSE-SU-2012:0740-1, SUSE-SU-2012:0744-1, VIGILANCE-VUL-10382
Mailman: Cross Site Scripting via confirm.py
An attacker can use the Mailman confirmation page, in order to generate a Cross Site Scripting...
677375, BID-46464, CVE-2011-0707, DSA-2170-1, FEDORA-2011-2102, FEDORA-2011-2125, MDVSA-2011:036, openSUSE-SU-2011:0312-1, openSUSE-SU-2011:0424-1, RHSA-2011:0307-01, RHSA-2011:0308-01, SUSE-SR:2011:007, SUSE-SR:2011:009, VIGILANCE-VUL-10381
Avahi: infinite loop via mDNS
An attacker can send an empty mDNS packet, in order to create a denial of service in the Avahi daemon...
667187, CERTA-2011-AVI-121, CVE-2011-0634-REJECT, CVE-2011-1002, DSA-2174-1, FEDORA-2011-11588, MDVSA-2011:037, openSUSE-SU-2011:0149-1, RHSA-2011:0436-01, RHSA-2011:0779-01, SUSE-SR:2011:005, VIGILANCE-VUL-10380
OpenJDK, IcedTea6: bypassing JNLP signature
An attacker can create a Java JNLP application containing several signatures, and which is not blocked by the OpenJDK compiled with IcedTea6...
677332, BID-46439, CERTA-2003-AVI-001, CERTA-2011-AVI-196, CVE-2011-0706, DSA-2224-1, FEDORA-2011-1631, FEDORA-2011-1645, MDVSA-2011:054, openSUSE-SU-2011:0155-1, VIGILANCE-VUL-10379
PHP Intl: denial of service via grapheme_extract
When an attacker can change the second parameter of the PHP grapheme_extract() function, he can stop the application...
BID-46429, CVE-2011-0420, DSA-2262-2, DSA-2266-1, openSUSE-SU-2011:0276-1, VIGILANCE-VUL-10376, VU#210829
Wireshark: buffer overflow via dct3trace
An attacker can invite the victim to open a DCT3 capture with Wireshark, in order to create an overflow, leading to a denial of service or to code execution...
BID-46416, CERTA-2011-AVI-169, CVE-2011-0713, DSA-2201-1, FEDORA-2011-2620, FEDORA-2011-2632, MDVSA-2011:044, RHSA-2011:0369-01, SUSE-SR:2011:007, VIGILANCE-VUL-10374
Linux kernel: buffer overflow via caiaq
An attacker can insert a USB device with a long name, in order to create an overflow in caiaq, leading to a denial of service or to code execution...
BID-46419, CERTA-2003-AVI-005, CVE-2011-0712, DSA-2310-1, openSUSE-SU-2011:0159-1, openSUSE-SU-2011:0346-1, openSUSE-SU-2011:0399-1, openSUSE-SU-2011:0416-1, RHSA-2011:0498-01, SUSE-SA:2011:012, SUSE-SA:2011:017, SUSE-SA:2011:019, SUSE-SA:2011:020, SUSE-SA:2011:021, SUSE-SU-2011:1150-1, VIGILANCE-VUL-10373
Linux kernel: memory reading via XFS FSGEOMETRY_V1
An attacker can use FSGEOMETRY_V1 ioctls on a XFS filesystem, in order to obtain four bytes from the kernel memory...
BID-46417, CVE-2011-0711, DSA-2240-1, DSA-2264-1, openSUSE-SU-2011:0159-1, openSUSE-SU-2011:0346-1, openSUSE-SU-2011:0399-1, openSUSE-SU-2011:0416-1, RHSA-2011:0498-01, RHSA-2011:0500-01, RHSA-2011:0927-01, SUSE-SA:2011:012, SUSE-SA:2011:015, SUSE-SA:2011:017, SUSE-SA:2011:020, SUSE-SA:2011:021, SUSE-SU-2011:0928-1, VIGILANCE-VUL-10372
Linux kernel: register reading on s390 via task_show_regs
On a s390 processor, a local attacker can read the status file, in order to obtain values of registers of a process...
BID-46421, CVE-2011-0710, DSA-2264-1, ESX400-201110001, ESX400-201110401-SG, ESX400-201110403-SG, ESX400-201110406-SG, ESX400-201110408-SG, ESX400-201110409-SG, ESX400-201110410-SG, openSUSE-SU-2011:0159-1, openSUSE-SU-2013:0927-1, RHSA-2011:0421-01, RHSA-2011:0429-01, SUSE-SA:2011:012, SUSE-SA:2011:015, VIGILANCE-VUL-10371, VMSA-2011-0004.2, VMSA-2011-0009.1, VMSA-2011-0010.2, VMSA-2011-0012, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2012-0005
shadow: user creation via chfn/chsh
A local attacker can use the chfn or the chsh tool of the shadow suite, in order to add a user on a NIS server...
BID-46426, CERTA-2011-AVI-094, CVE-2011-0721, SSA:2011-086-03, VIGILANCE-VUL-10369
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Stretch: