Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field. Date published : 2011-09-02 http://www.securityfocus.com/bid/49342 http://secunia.com/advisories/45264
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. Date published : 2011-09-02 http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8 https://bugzilla.redhat.com/show_bug.cgi?id=709662
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via...
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack." Date published : 2011-09-02 http://shibboleth.internet2.edu/secadv/secadv_20110725.txt...
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the –no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack....
fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors. Date published : 2011-09-02...
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. Date published : 2011-09-02 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse;a=commit;h=bf5ffb5fd8558bd799791834def431c0cee5a11f http://www.openwall.com/lists/oss-security/2011/02/02/2
Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open,...
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial...