Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.33%
  • Veröffentlicht 25.07.2012 10:42:35
  • Zuletzt bearbeitet 16.06.2026 23:44:07

Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.

  • EPSS 5.72%
  • Veröffentlicht 03.07.2012 19:55:02
  • Zuletzt bearbeitet 16.06.2026 23:38:26

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit...

  • EPSS 1.78%
  • Veröffentlicht 19.06.2012 20:55:05
  • Zuletzt bearbeitet 16.06.2026 23:38:33

The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by vie...

  • EPSS 1.24%
  • Veröffentlicht 16.06.2012 00:55:05
  • Zuletzt bearbeitet 16.06.2026 23:34:52

The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) at...

  • EPSS 1.76%
  • Veröffentlicht 16.06.2012 00:55:05
  • Zuletzt bearbeitet 16.06.2026 23:34:52

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.

  • EPSS 7.54%
  • Veröffentlicht 16.06.2012 00:55:03
  • Zuletzt bearbeitet 16.06.2026 23:32:51

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a craft...

  • EPSS 0.35%
  • Veröffentlicht 07.06.2012 21:55:02
  • Zuletzt bearbeitet 16.06.2026 23:38:33

DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.

  • EPSS 4.75%
  • Veröffentlicht 05.06.2012 22:55:10
  • Zuletzt bearbeitet 16.06.2026 23:39:51

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: th...

  • EPSS 29.68%
  • Veröffentlicht 05.06.2012 22:55:09
  • Zuletzt bearbeitet 16.06.2026 23:39:12

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the R...

  • EPSS 1.88%
  • Veröffentlicht 05.06.2012 22:55:09
  • Zuletzt bearbeitet 16.06.2026 23:39:12

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exis...