canonical ubuntu linux 6.10 vulnerabilities and exploits

(subscribe to this query)

2.1

CVSSv2

Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000),...

Linux Linux Kernel Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.06

5

CVSSv2

The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727.

Php Php -Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 7.04

5

CVSSv2

OpenLDAP prior to 2.3.29 allows remote malicious users to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

Openldap Openldap Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.06

6.8

CVSSv2

Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote malicious users to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.

Gimp Gimp Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 7.04

6.8

CVSSv2

Sign extension error in the ReadDIBImage function in ImageMagick prior to 6.3.5-9 allows context-dependent malicious users to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.

Imagemagick Imagemagick Canonical Ubuntu Linux 7.04 Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 6.06

6.8

CVSSv2

The FTP protocol implementation in Mozilla Firefox prior to 1.5.0.11 and 2.x prior to 2.0.0.3 allows remote malicious users to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a...

Mozilla Firefox Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.10

1 EDB exploit

3.5

CVSSv2

sql_select.cc in MySQL 5.0.x prior to 5.0.32 and 5.1.x prior to 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Mysql Mysql Canonical Ubuntu Linux 7.04 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10

4.3

CVSSv2

pngrtran.c in libpng prior to 1.0.29 and 1.2.x prior to 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote malicious users to cause a denial of service (crash) via a crafted PNG image.

Libpng Libpng Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 7.04

4.3

CVSSv2

KsIRC 1.3.12 allows remote malicious users to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported ...

Kde Ksirc 1.3.12 Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 5.10 Canonical Ubuntu Linux 6.06

1 EDB exploit

9.3

CVSSv2

Mozilla Firefox 2.x prior to 2.0.0.1, 1.5.x prior to 1.5.0.9, and SeaMonkey prior to 1.0.7 allows remote malicious users to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.

Mozilla Firefox Mozilla Seamonkey Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 6.10 Canonical Ubuntu Linux 5.10

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook