Fixed a number of very serious errors in the us²€�† �† ��j�€#�Nš~€E�†J�h.net/bug.php?id=55439">
If crypt() is executed with MD5 salts, the return value
consists of the salt only. DES and BLOWFISH salts work as
expectedurl>https://bugs.php.net/bug.php?id=55439
¸ �† �† � ‚8�€‚6�†J�‚6rl>
https://www.mozilla.org/security/announce/2011/mfsa2011-10.html
2011-03-01
2011-03-01
openldap -- two security bypass vuln¾À�† �† � ‚8�€‚6�†J�‚6r crash with HTML5 databases. Credit to Google
Chrome Security Team (Inferno).
[58319] Low Prevent excessive file dialogs, possibly leading to
browser crash. Credit to Cezary Tomczak (gosu.pl).
[59554] High Use after free in history handling. Credit to Stefan
Troger.
opera
10.11
opera-devel
10.20_2,1
http://www.adobe.com/support/security/bulletins/apsb09-197-14
2009-12-09
ruby -- heap overflÑ �† �† ��#���Åp€!�†J�!5132/">
A security issue has been reported in SLiM, which can be
exploited by malicious, local users to disclose sensitive
information.
�†œk_‚�
nagios -- web interface privilege escalation vulnerability
nagios
3.0.5
nagios2
2.12_2Ýà�† �† � ‚8�€‚6�†J�‚6ion>
CVE-2008-3231
http://www.xinehq.de/index.php/news
http://xforce.iss.net/xforce/xfdb/44040
2008-07-13
2008-10-19
openfire -- unspecified denial of service
CVE-2007-4650
25580
2007-08-29
2007-11-09
ðÀ�† �† ��@
€:�xÃ�„�†J�>0b2-001921ab2fa4">
p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability
p5-Mail-SpamAssassin
3.2Spamöà�† �† � ‚8�€‚6�†J�‚6 For communication
between these filters context structures are used. These
are usually allocated on the stack and passed to the
filter functions. At most places the OpenPGP data stream
fed into these filters is closed before the context
structure gets deallocated. While decryptingý€�† �† � ‚8�€‚6�†J�‚6ties had been reported in various
versions of PostgreSQL:
- The EXECUTE restrictions can be bypassed by using the
AGGREGATE function, which is missing a permissions check.
- A buffer overflow exists in gram.y which could allow an
attacker to execute arbitrary code by sendƒ �† �† ����°�D„ã>°�^²6´�†J�� javascript had been disabled in the preferences6770
CAN-2006-0884
Announce of Horde H3 3.0.8 (final):
This [3.0.8several of Horde's templates.
None of the vulnerabilities can à�† �† � ‚8�€‚6�†J�‚6 an
html form in the GForge login page and when the user press
the login button, he/she send the credentials to the
attackers website.
The 'forgot your password?' feature allows a remote user
to load a certain URL to cause the service to send a
validation e-mail to the spec–€�† �† �����Uò@€��Nú}’�†J��A web server running Gallery can be exploited for arbitrary
PHP code execution through the use of a maliciously crafted
URL4-2124
œ �† �† ��w�®�AÖ€G�†J�uhttp://www.ethereal.com/appnotes/enpa-sa-000183-09
2005-03-14
2005-06-24
grip -- CDDB response mul¢À�† �† �
‚��€‚��EÃ}�†"(‚�lashstatus=false
2004-10-21
2005-01-18
2005-02-23
ImageMagick -- PSD handler heap¨à�† �† ��B�¶�v‚>€
�†J�@
socat
1.4.0.3Socat Security Advisory 1 states:
socat up to v¯€�† �† ��h��P‚™p€Y�†J�f>CVE-2004-074September/026463.html
2004-09-15
2004-09-15
SA-04:09.kadmind
2004-05-05
2004-05-05
CVS path validation errors