Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 108 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2010-3248

Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.

Published: September 07, 2010; 2:00:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2954

The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket.

Published: September 03, 2010; 4:00:04 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-2226

The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.

Published: September 03, 2010; 4:00:03 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-3116

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.

Published: August 24, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-3115

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

Published: August 24, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-3114

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/.

Published: August 24, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-3113

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController.

Published: August 24, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-2808

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2807

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2806

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2805

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2541

Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2527

Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2520

Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2010-2519

Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2500

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2499

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2498

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2008

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

Published: July 13, 2010; 4:30:01 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2010-0832

pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "user file stamps" and the motd.legal-notice file.

Published: July 12, 2010; 12:30:01 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM