Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.65%
  • Veröffentlicht 28.01.2011 22:00:05
  • Zuletzt bearbeitet 16.06.2026 23:23:20

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

  • EPSS 10.1%
  • Veröffentlicht 28.01.2011 22:00:05
  • Zuletzt bearbeitet 16.06.2026 23:24:26

Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office docu...

Exploit
  • EPSS 2.3%
  • Veröffentlicht 14.01.2011 17:00:03
  • Zuletzt bearbeitet 16.06.2026 23:27:28

Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or ...

  • EPSS 0.7%
  • Veröffentlicht 30.12.2010 19:00:03
  • Zuletzt bearbeitet 16.06.2026 23:23:40

Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.

  • EPSS 0.72%
  • Veröffentlicht 30.12.2010 19:00:03
  • Zuletzt bearbeitet 16.06.2026 23:23:40

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a N...

  • EPSS 0.8%
  • Veröffentlicht 30.12.2010 19:00:03
  • Zuletzt bearbeitet 16.06.2026 23:23:40

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR i...

Warnung Medienbericht Exploit
  • EPSS 71.9%
  • Veröffentlicht 14.12.2010 16:00:04
  • Zuletzt bearbeitet 16.06.2026 23:24:36

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted hea...

Warnung Medienbericht
  • EPSS 17.79%
  • Veröffentlicht 14.12.2010 16:00:04
  • Zuletzt bearbeitet 16.06.2026 23:24:36

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory direct...

  • EPSS 0.41%
  • Veröffentlicht 10.12.2010 19:00:04
  • Zuletzt bearbeitet 16.06.2026 23:23:42

The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command...

  • EPSS 9.5%
  • Veröffentlicht 06.12.2010 21:05:48
  • Zuletzt bearbeitet 16.06.2026 23:24:18

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an uninte...