Search:Vulnerability:12.04.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

GNU core utilities symbolic links race conditions
Published: 12.04.2005
Source: BUGTRAQ
SecurityVulns ID: 4667
Type: local
Level: 5/10
Description: If -m option is used in mkdir, mknod, mkfifo it's possible to change permissions for any file.

Affected: GNU : coreutils 5.2

Original document Imran Ghory, GNU Core Utilities race condition file-permissions vulnerability Software: mkdir, mknod, mkfifo Version: Part of GNU Core Utilities 5.2.1 (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

OpenText FirstClass client code execution
Published: 12.04.2005
Source: BUGTRAQ
SecurityVulns ID: 4669
Type: remote
Level: 5/10
Description: Internet Bokkmark can point to UNC resource.

Affected: CENTRINITY : FirstClass 8.0

Original document dila, OpenText FirstClass 8.0 Client Arbitrary File Execution (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

DeluxeFTP FTP client weak permissions
Published: 12.04.2005
Source: SECUNIA
SecurityVulns ID: 4671
Type: local
Level: 5/10
Description: FTP sites accounts are stored in world readable file.

Affected: DELUXEFTP : DeluxeFTP 6.01

Original document SECUNIA, [SA14923] DeluxeFTP Disclosure of User Credentials (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

Smart Cache proxy DoS
Published: 12.04.2005
Source: SECUNIA
SecurityVulns ID: 4672
Type: remote
Level: 5/10

Affected: SMARTCACHE : Smart Cache 0.92

Original document SECUNIA, [SA14746] Smart Cache Forwarder Denial of Service Vulnerability (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

Pine symbolic links problem
Published: 12.04.2005
Source: SECUNIA
SecurityVulns ID: 4673
Type: local
Level: 5/10
Description: Symbolic links problem in rpdump utility.

Affected: UW : pine 4.62

Original document SECUNIA, [SA14899] Pine rpdump File Creation Race Condition Vulnerability (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

portupgrade symbolic links problem
Published: 12.04.2005
Source: SECUNIA
SecurityVulns ID: 4674
Type: local
Level: 5/10
Description: Insecure temporary files creation.

Affected: PORTUPGRADE : portupgrade 20041226

Original document SECUNIA, [SA14903] portupgrade Insecure Temporary File Creation Vulnerability (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple Mozilla / Firefox / Thunderbird browsers bugs
updated since 02.03.2005
Published: 12.04.2005
Source: SECUNIA
SecurityVulns ID: 4545
Type: client
Level: 6/10
Description: Symbolic links problem, crossite XML data access, form autocomplete feature information leak, buffer overflows, data spoofing, invalid certificates handlings.

Affected: MOZILLA : Mozilla 1.6
MOZILLA : Firefox 1.0
MOZILLA : Thunderbird 1.0

Original document mikx, Firescrolling 2 [Firefox 1.0.1) (12.04.2005)

SECUNIA, [SA13258] Mozilla / Firefox "Save Link As" Download Dialog Spoofing (01.03.2005)

SECUNIA, [SA14406] Mozilla Firefox Image Javascript URI Dragging Cross-Site Scripting (01.03.2005)

SECUNIA, [SA14407] Mozilla / Firefox / Thunderbird Multiple Vulnerabilities (01.03.2005)

Discuss: Read or add your comments to this news (0 comments)

KDE desktop environment PCX graphics format buffer overflow
updated since 12.04.2005
Published: 23.04.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 4670
Type: library
Level: 6/10
Description: Multiple kimgio image reading vulnerabilities.

Affected: KDE : KDE 3.2
KDE : KDE 3.3
KDE : KDE 3.4

Original document KDE, [KDE Security Advisory]: kimgio input validation errors (23.04.2005)

SUSE, [Full-disclosure] SUSE Security Announcement: various KDE security problems (SUSE-SA:2005:022) (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)