Several implementation errors in the dissector of the Wireshark network traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal Decompressor Virtual Machine may lead to the execution of arbitrary code.
George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.
Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code.
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site Scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution. More details can be found in the Typo3 security advisory.
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems:
Jeremy James discovered that in zope-ldapuserfolder, a Zope extension used to authenticate against an LDAP server, the authentication code does not verify the password provided for the emergency user. Malicious users that manage to get the emergency user login can use this flaw to gain administrative access to the Zope instance, by providing an arbitrary password.
Alasdair Kergon discovered that the cluster logical volume manager daemon (clvmd) in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
Two security issues have been discovered in Ghostscript, the GPL PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems:
SquirrelMail, a webmail application, does not employ a user-specific token for webforms. This allows a remote attacker to perform a Cross Site Request Forgery (CSRF) attack. The attacker may hijack the authentication of unspecified victims and send messages or change user preferences among other actions, by tricking the victim into following a link controlled by the offender.
Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems:
A stack overflow vulnerability was found in socat that allows an attacker to execute arbitrary code with the privileges of the socat process.
It was discovered that wget, a command line tool for downloading files from the WWW, uses server-provided file names when creating local files. This may lead to code execution in some scenarios.
It was discovered that a programming error in the archive test mode of cabextract, a program to extract Microsoft Cabinet files, could lead to the execution of arbitrary code.
Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD daemon. The Common Vulnerabilities and Exposures project identifies the following problems:
It was discovered that in lftp, a command-line HTTP/FTP client, there is no proper validation of the filename provided by the server through the Content-Disposition header; attackers can use this flaw by suggesting a filename they wish to overwrite on the client machine, and then possibly execute arbitrary code (for instance if the attacker elects to write a dotfile in a home directory).
Kevin Finisterre discovered that several integer overflows in the TIFF library could lead to the execution of arbitrary code.
It was discovered that moin, a python clone of WikiWiki, does not sufficiently sanitize parameters when passing them to the add_msg function. This allows a remote attackers to conduct cross-site scripting (XSS) attacks for example via the template parameter.
It was discovered that a buffer overflow in the MIME library GMime might lead to the execution of arbitrary code.
Tomas Hoger discovered that the upstream fix for CVE-2009-3995 was insufficient. This update provides a corrected package.