The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Mandriva NF

Perl: bypassing Safe.pm via sub references
An attacker can use a reference to a subroutine in order to bypass restrictions imposed by the Safe.pm module of Perl...
588269, BID-40305, CVE-2010-1447, DSA-2267-1, FEDORA-2010-11323, FEDORA-2010-11340, MDVSA-2010:115, openSUSE-SU-2010:0518-1, openSUSE-SU-2010:0519-1, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2010:0457-01, RHSA-2010:0458-02, SUSE-SR:2010:016, VIGILANCE-VUL-9658, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3
Perl: bypassing Safe.pm via overloading
An attacker can define methods or overload operators, in order to bypass restrictions imposed by the Safe.pm module of Perl...
576508, BID-40302, CERTA-2010-AVI-580, CVE-2010-1168, CVE-2010-1974-REJECT, FEDORA-2010-11323, FEDORA-2010-11340, MDVSA-2010:115, openSUSE-SU-2010:0518-1, openSUSE-SU-2010:0519-1, RHSA-2010:0457-01, RHSA-2010:0458-02, SUSE-SR:2010:016, VIGILANCE-VUL-9657, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3
glibc: integer overflow of ld.so
An attacker can use a malformed ELF file to generate an integer overflow in ld.so, in order to execute code...
BID-40063, CERTA-2012-AVI-479, CERTA-2012-AVI-759, CVE-2010-0830, DSA-2058-1, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, ESXi500-201212101, ESXi510-201304101-SG, MDVSA-2010:111, MDVSA-2010:112, openSUSE-SU-2010:0913-1, openSUSE-SU-2010:0914-1, RHSA-2012:0125-01, RHSA-2012:0126-01, SUSE-SA:2010:052, VIGILANCE-VUL-9641, VMSA-2012-0005.2, VMSA-2012-0013, VMSA-2012-0018, VMSA-2012-0018.2, VMSA-2013-0001.3, VMSA-2013-0004.1
OpenSSL: denial of service via ssl3_get_record
An attacker can send a malicious SSL message, in order to stop applications linked to OpenSSL...
BID-39013, c02079216, c02160663, CVE-2010-0740, FEDORA-2010-8742, HPSBUX02517, HPSBUX02531, MDVSA-2010:076, MDVSA-2010:076-1, SOL11533, SSA:2010-090-01, SSRT100058, SSRT100108, VIGILANCE-VUL-9541, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2
GNU tar, cpio: buffer overflow via rmt
An attacker who controls a malicious rmt server, or who invites the victim to open a malicious file with GNU tar or cpio, can generate an overflow, leading to code execution...
BID-38628, CVE-2010-0624, FEDORA-2010-4267, FEDORA-2010-4274, FEDORA-2010-4302, FEDORA-2010-4306, FEDORA-2010-4309, FEDORA-2010-4321, MDVSA-2010:065, RHSA-2010:0141-01, RHSA-2010:0142-01, RHSA-2010:0143-01, RHSA-2010:0144-01, RHSA-2010:0145-01, SUSE-SR:2010:011, USN-2456-1, VIGILANCE-VUL-9511, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3
OpenSSL: buffer overflow via bn_wexpand
The OpenSSL library does not check the error code of the bn_wexpand() function, which can generate a denial of service, or lead to code execution...
BID-38562, c02079216, CERTA-2009-AVI-482, CERTA-2011-AVI-369, CVE-2009-3245, FEDORA-2010-5357, FEDORA-2010-8742, HPSBUX02517, MDVSA-2010:076, MDVSA-2010:076-1, PSN-2012-11-767, RHSA-2010:0162-01, RHSA-2010:0173-02, RHSA-2010:0977-01, RHSA-2011:0896-01, RHSA-2011:0897-01, SOL15404, SSA:2010-060-02, SSRT100058, SUSE-SA:2010:020, SUSE-SR:2010:013, VIGILANCE-VUL-9503, VMSA-2010-0015, VMSA-2010-0015.1
ncpfs: two vulnerabilities
A local attacker can use two vulnerabilities in ncpfs in order to obtain information or to create a denial of service...
CVE-2010-0790, CVE-2010-0791, MDVSA-2010:061, SUSE-SR:2010:012, SUSE-SR:2010:013, VIGILANCE-VUL-9502
OpenSSL: denial of service via Kerberos
When OpenSSL supports the Kerberos key exchange, and when the server application is in a chroot jail, an attacker can send a special ClientHello message, in order to stop the application...
567711, 569774, BID-38533, c02079216, c02160663, CVE-2010-0433, FEDORA-2010-5357, FEDORA-2010-8742, HPSBUX02517, HPSBUX02531, MDVSA-2010:076, MDVSA-2010:076-1, PSN-2012-11-767, RHSA-2010:0162-01, SSA:2010-090-01, SSRT100058, SSRT100108, VIGILANCE-VUL-9493, VMSA-2010-0015, VMSA-2010-0015.1, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2
libpng: denial of service during decompression
An attacker can create an extremely compressed image, and invite the victim to open it with libpng, in order to generate a denial of service on the victim's computer...
BID-38478, CVE-2010-0205, DSA-2032-1, FEDORA-2010-2988, FEDORA-2010-3375, FEDORA-2010-3414, FEDORA-2010-4616, FEDORA-2010-4673, FEDORA-2010-4683, MDVSA-2010:063, MDVSA-2010:064, RHSA-2010:0534-01, SUSE-SR:2010:011, SUSE-SR:2010:012, SUSE-SR:2010:013, VIGILANCE-VUL-9488, VMSA-2010-0014, VMSA-2010-0014.1, VU#576029
libcurl: buffer overflow via uncompression
An attacker, who owns a web server, can return data compressed with Deflate (zlib), in order to generate an overflow in applications linked to libcurl...
adv_20100209, BID-38162, CERTA-2010-AVI-135, CERTA-2010-AVI-138, CVE-2010-0734, DSA-2023-1, FEDORA-2010-2720, FEDORA-2010-2762, MDVSA-2010:062, RHSA-2010:0273-05, RHSA-2010:0329-01, VIGILANCE-VUL-9420, VMSA-2010-0015, VMSA-2010-0015.1, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2