| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Debian Wheezy
SeaMonkey, Thunderbird: several vulnerabilities
Several vulnerabilities of SeaMonkey and Thunderbird can be used by an attacker to execute code on victim's computer...
487872, 506871, 511521, 516396, 516862, BID-36851, BID-36867, BID-37366, BID-38830, BID-38831, CERTA-2009-AVI-414, CERTA-2009-AVI-509, CERTA-2009-AVI-520, CERTA-2010-AVI-135, CERTA-2010-AVI-280, CVE-2009-0689, CVE-2009-1563-REJECT, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075, CVE-2009-3077, CVE-2009-3376, CVE-2009-3385, CVE-2009-3983, CVE-2010-0161, CVE-2010-0163, DSA-2025-1, FEDORA-2010-7100, MDVSA-2010:071, MFSA 2009-49, MFSA 2009-59, MFSA 2009-62, MFSA 2009-68, MFSA 2010-06, MFSA 2010-07, RHSA-2010:0499-01, SSA:2010-090-03, SSA:2010-095-01, SSA:2010-095-02, SSA:2010-095-03, VIGILANCE-VUL-9521, ZDI-09-065 |
PHP: denial of service of xmlrpc
The xmlrpc_decode_request() function of PHP does not validate XML data, which forces a NULL pointer dereference...
573573, BID-38708, CERTA-2002-AVI-261, CERTA-2010-AVI-385, CVE-2010-0397, DSA-2018-1, MDVSA-2010:068, MDVSA-2010:139, MDVSA-2010:140, openSUSE-SU-2010:0599-1, openSUSE-SU-2010:0678-1, RHSA-2010:0919-01, SUSE-SR:2010:012, SUSE-SR:2010:013, SUSE-SR:2010:017, VIGILANCE-VUL-9514 |
Linux kernel: denial of service via GFS
A local attacker can lock a file on a GFS system, in order to stop the kernel...
570863, BID-39101, CVE-2010-0727, DSA-2053-1, MDVSA-2010:066, MDVSA-2010:067, RHSA-2010:0178-02, RHSA-2010:0291-04, RHSA-2010:0330-01, RHSA-2010:0331-01, RHSA-2010:0380-01, RHSA-2010:0521-01, SUSE-SA:2010:036, VIGILANCE-VUL-9513 |
Apache httpd: denials of service of of modules
An attacker can generate a denial of service in mod_proxy_ajp and mod_isapi modules of Apache httpd...
BID-38491, BID-38494, c02160663, CERTA-2010-AVI-112, CERTA-2010-AVI-122, CVE-2010-0408, CVE-2010-0425, DSA-2019-131, DSA-2019-197, DSA-2035-1, FEDORA-2010-6055, FEDORA-2010-6131, HPSBUX02531, MDVSA-2010:053, RHSA-2010:0168-01, RHSA-2010:0396-01, SOS-10-002, SSA:2010-067-01, SSRT100108, SUSE-SR:2010:010, VIGILANCE-VUL-9487, VMSA-2010-0014, VMSA-2010-0014.1, VU#280613 |
CUPS: privilege elevation via lppasswd
A local attacker can modify the LOCALEDIR environment variable, in order to generate a format string attack in lppasswd, leading to the execution of privileged code...
BID-38524, CERTA-2002-AVI-252, CERTA-2010-AVI-110, CERTA-2010-AVI-182, CVE-2010-0393, DSA-2007-1, MDVSA-2010:072, MDVSA-2010:073, MDVSA-2010:073-1, SUSE-SR:2010:007, VIGILANCE-VUL-9494 |
Apache httpd: information disclosure via SubRequest
When Apache httpd uses a SubRequest and a multi-threaded MPM, session data can be returned to another user...
48359, BID-38494, BID-38580, c02160663, CVE-2010-0434, DSA-2035-1, FEDORA-2010-6055, FEDORA-2010-6131, HPSBUX02531, MDVSA-2010:057, RHSA-2010:0168-01, RHSA-2010:0175-01, RHSA-2010:0396-01, RHSA-2010:0602-02, SSRT100108, SUSE-SR:2010:010, VIGILANCE-VUL-9490, VMSA-2010-0014, VMSA-2010-0014.1 |
Linux kernel: denial of service via NFS
An attacker can truncate a NFS file, in order to stop the kernel, and possibly to execute code...
BID-39569, CVE-2010-1087, DSA-2053-1, openSUSE-SU-2010:0664-1, RHSA-2010:0504-01, RHSA-2010:0631-01, SUSE-SA:2010:031, SUSE-SA:2010:035, SUSE-SA:2010:046, VIGILANCE-VUL-9489, VMSA-2010-0016, VMSA-2010-0016.1, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2 |
libpng: denial of service during the decompression
An attacker can create an extremely compressed image, and invite the victim to open it with libpng, in order to generate a denial of service on his computer...
BID-38478, CVE-2010-0205, DSA-2032-1, FEDORA-2010-2988, FEDORA-2010-3375, FEDORA-2010-3414, FEDORA-2010-4616, FEDORA-2010-4673, FEDORA-2010-4683, MDVSA-2010:063, MDVSA-2010:064, RHSA-2010:0534-01, SUSE-SR:2010:011, SUSE-SR:2010:012, SUSE-SR:2010:013, VIGILANCE-VUL-9488, VMSA-2010-0014, VMSA-2010-0014.1, VU#576029 |
Linux kernel: denial of service via DVB
An attacker can send a malformed DVB/MPEG2-TS frame, in order to block the system...
BID-38479, CVE-2010-1086, DSA-2053-1, RHSA-2010:0394-01, RHSA-2010:0398-01, RHSA-2010:0631-01, SUSE-SA:2010:019, SUSE-SA:2010:023, VIGILANCE-VUL-9481, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2 |
Our database contains other pages. You can request a free trial to read them.
Display information about Debian Wheezy:
|