oss-security December 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Subject

oss-security By Subject

SubjectAuthor Date
[oss-security] [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.]
 Solar Designer 09 Dec 2010
 Tavis Ormandy 09 Dec 2010
[oss-security] Breaking the links: Exploiting the linker
 Tim Brown 16 Dec 2010
 Justin Ossevoort 15 Dec 2010
 Tomas Hoger 15 Dec 2010
 Tim Brown 15 Dec 2010
[oss-security] Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities"
 Steven M. Christey 06 Dec 2010
[oss-security] clamav 0.96.5 released
 Josh Bressers 03 Dec 2010
 Hanno Böck 03 Dec 2010
 Thomas Biege 03 Dec 2010
[oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)
 Tomas Hoger 09 Dec 2010
 Pierre Joye 08 Dec 2010
 Tomas Hoger 07 Dec 2010
 Vincent Danen 06 Dec 2010
 Steven M. Christey 06 Dec 2010
 Vincent Danen 06 Dec 2010
[oss-security] CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ]
 Jan Lieskovsky 22 Dec 2010
[oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants
 Jan Lieskovsky 21 Dec 2010
 Josh Bressers 16 Dec 2010
 Jan Lieskovsky 16 Dec 2010
[oss-security] CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws
 Jan Lieskovsky 23 Dec 2010
[oss-security] CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header
 Josh Bressers 02 Dec 2010
 Jan Lieskovsky 02 Dec 2010
[oss-security] CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)
 Josh Bressers 22 Dec 2010
 Jan Lieskovsky 21 Dec 2010
[oss-security] CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol
 Jan Lieskovsky 23 Dec 2010
[oss-security] CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)
 Jan Lieskovsky 01 Dec 2010
[oss-security] CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message
 Huzaifa Sidhpurwala 31 Dec 2010
 Jan Lieskovsky 27 Dec 2010
[oss-security] CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues
 Josh Bressers 02 Dec 2010
 Jan Lieskovsky 02 Dec 2010
[oss-security] CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition
 Josh Bressers 06 Dec 2010
 Jan Lieskovsky 03 Dec 2010
[oss-security] CVE Request: CrawlTrack < 3.2.7 - remote php code execution
 Anthon Pang 31 Dec 2010
[oss-security] CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12
 Josh Bressers 22 Dec 2010
 Hanno Böck 16 Dec 2010
[oss-security] CVE request: kernel: bfa driver sysfs crash
 Josh Bressers 09 Dec 2010
 Eugene Teo 08 Dec 2010
[oss-security] CVE request: kernel: buffer overflow in OSS load_mixer_volumes
 Huzaifa Sidhpurwala 31 Dec 2010
 Dan Rosenberg 31 Dec 2010
[oss-security] CVE request: kernel: CAN information leak, 2nd attempt
 Steven M. Christey 20 Dec 2010
 Dan Rosenberg 20 Dec 2010
 Petr Matousek 20 Dec 2010
 Dan Rosenberg 20 Dec 2010
 Petr Matousek 20 Dec 2010
[oss-security] CVE request: kernel: failure to revert address limit override in OOPS error path
 Josh Bressers 02 Dec 2010
 Dan Rosenberg 02 Dec 2010
[oss-security] CVE request: kernel: igb panics when receiving tag vlan packet
 Josh Bressers 06 Dec 2010
 Eugene Teo 06 Dec 2010
[oss-security] CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES
 Eugene Teo 23 Dec 2010
[oss-security] CVE request: kernel: NULL pointer dereference in AF_ECONET
 Eugene Teo 09 Dec 2010
 Nelson Elhage 09 Dec 2010
[oss-security] CVE request: libvirt when compiled with openvz support has a potential security hole
 Vincent Danen 08 Dec 2010
 Eugene Teo 08 Dec 2010
 Vincent Danen 08 Dec 2010
[oss-security] CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method
 Eugene Teo 15 Dec 2010
 Marcus Meissner 15 Dec 2010
[oss-security] CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability
 Josh Bressers 16 Dec 2010
 David Hicks 15 Dec 2010
[oss-security] CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability
 Josh Bressers 16 Dec 2010
 David Hicks 15 Dec 2010
[oss-security] CVE request: mybb before 1.4.11 and before 1.4.12
 Hanno Böck 06 Dec 2010
[oss-security] CVE Request: MyBB XSS bugs
 Josh Bressers 22 Dec 2010
 Ulrik Persson 20 Dec 2010
[oss-security] CVE request: opensc buffer overflow
 Josh Bressers 22 Dec 2010
 Jamie Strandboge 21 Dec 2010
 Ludwig Nussel 21 Dec 2010
[oss-security] CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability
 Anthon Pang 31 Dec 2010
[oss-security] CVE request: openx unknown vulnerability before 2.8.7
 Josh Bressers 06 Dec 2010
 Anthon Pang 06 Dec 2010
 Hanno Böck 06 Dec 2010
[oss-security] CVE request: vanilla forums before 2.0.10, xss
 Josh Bressers 07 Dec 2010
 Steven M. Christey 06 Dec 2010
 Josh Bressers 06 Dec 2010
 Hanno Böck 06 Dec 2010
[oss-security] CVE Request: Wireshark
 Ulrik Persson 31 Dec 2010
[oss-security] CVE request: wordpress before 3.0.4 XSS
 Hanno Böck 30 Dec 2010
[oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo
 Steven M. Christey 09 Dec 2010
 Ludwig Nussel 09 Dec 2010
 Josh Bressers 07 Dec 2010
 Raphael Geissert 07 Dec 2010
[oss-security] CVE-2010-2094: PECL's phar code is vulnerable too
 Eygene Ryabinkin 26 Dec 2010
[oss-security] Exim remote root
 Mark J Cox 10 Dec 2010
[oss-security] Exim security issue in historical release
 nigel_at_nospam 13 Dec 2010
[oss-security] Fix for CVE-2010-4524 and CVE-2010-1677 ready for verfication
 Earl Hood 30 Dec 2010
[oss-security] FYI -- Tor v0.2.1.28 addressing CVE-2010-1676 -- remotely exploitable heap-based buffer overflow
 Jan Lieskovsky 21 Dec 2010
[oss-security] Interesting behavior with struct initiailization
 Geoff Keating 03 Dec 2010
 Robert Seacord 03 Dec 2010
[oss-security] IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe
 Tomas Hoger 29 Dec 2010
 Moritz Muehlenhoff 24 Dec 2010
[oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 release
 Pierre Joye 13 Dec 2010
 Vincent Danen 13 Dec 2010
 Pierre Joye 13 Dec 2010
 Vincent Danen 13 Dec 2010
[oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses
 Solar Designer 09 Dec 2010
 Solar Designer 09 Dec 2010
 Nelson Elhage 08 Dec 2010
 Solar Designer 08 Dec 2010
 Solar Designer 08 Dec 2010
 Dan Rosenberg 02 Dec 2010
 Nelson Elhage 02 Dec 2010
[oss-security] Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check
 Josh Bressers 10 Dec 2010
 Petr Matousek 10 Dec 2010
Breaking the links: Exploiting the linker
 Jamie Nguyen 22 Dec 2010
 Tim Brown 22 Dec 2010
 Jamie Nguyen 22 Dec 2010
 Tim Brown 16 Dec 2010
 Ralf Wildenhues 16 Dec 2010
Clarifications on the D-Bus specification
 Havoc Pennington 13 Dec 2010
 Rmi Denis-Courmont 11 Dec 2010
CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900)
 Tomas Hoger 08 Dec 2010
 Maksymilian Arciemowicz 08 Dec 2010
 Tomas Hoger 08 Dec 2010
 Maksymilian Arciemowicz 07 Dec 2010
CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS)
 Earl Hood 30 Dec 2010
 Jeff Breidenbach 30 Dec 2010
 Raphael Geissert 22 Dec 2010
 Earl Hood 21 Dec 2010
CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol
 Johannes Stezenbach 23 Dec 2010
 Nicolas Sebrecht 23 Dec 2010
 John Goerzen 23 Dec 2010
 dave b 23 Dec 2010
CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part)
 Ludwig Nussel 16 Dec 2010
 Mark Stosberg 01 Dec 2010
 Reed Loden 01 Dec 2010
CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability
 Anthon Pang 31 Dec 2010
CVE-2010-2094: PECL's phar code is vulnerable too
 Felipe Pena 26 Dec 2010
 Eygene Ryabinkin 26 Dec 2010
 Felipe Pena 26 Dec 2010
Interesting behavior with struct initiailization
 Bhadrinath 05 Dec 2010
 Dan Rosenberg 05 Dec 2010
 Bhadrinath 05 Dec 2010
 Bhadrinath 05 Dec 2010
Issues without CVE names in PHP 5.3.4/5.2.15 release
 Raphael Geissert 13 Dec 2010
NULL byte poisoning fix in php 5.3.4+
 Steven M. Christey 09 Dec 2010
 Pierre Joye 09 Dec 2010
 Steven M. Christey 09 Dec 2010
 Pierre Joye 09 Dec 2010
 Pierre Joye 09 Dec 2010