-rw-r--r-- | ports-mgmt/portaudit-db/database/portaudit.txt | 3
-rw-r--r-- | security/portaudit-db/database/portaudit.txt | 3
-rw-r--r-- | security/vuxml/vuln.xml | 93
3 files changed, 93 insertions, 6 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt index acccad8a2e90..c6eded4eb5bc 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.txt +++ b/ports-mgmt/portaudit-db/database/portaudit.txt 
@@ -62,6 +62,3 @@ gnutls-devel>=1.1.*<1.1.12|http://www.hornik.sk/SA/SA-20040802.txt http://secuni ripmime<1.3.2.3|http://www.osvdb.org/8287 http://secunia.com/advisories/12201|ripMIME attachment extraction bypass|85e19dff-e606-11d8-9b0a-000347a4fa7d squid<2.5.5_11|http://www.osvdb.org/6791|Squid NTLM authentication helper overflow|f72ccf7c-e607-11d8-9b0a-000347a4fa7d acroread<5.09|http://www.osvdb.org/7429 http://freshmeat.net/projects/acrobatreader/?branch_id=92&release_id=164883|Acrobat Reader handling of malformed uuencoded pdf files|ab166a60-e60a-11d8-9b0a-000347a4fa7d -png<=1.2.5_7|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d -linux-png<=1.0.14_3|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d 
-linux-png>=1.2.*<=1.2.2|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt index acccad8a2e90..c6eded4eb5bc 100644 --- a/security/portaudit-db/database/portaudit.txt +++ b/security/portaudit-db/database/portaudit.txt 
@@ -62,6 +62,3 @@ gnutls-devel>=1.1.*<1.1.12|http://www.hornik.sk/SA/SA-20040802.txt http://secuni ripmime<1.3.2.3|http://www.osvdb.org/8287 http://secunia.com/advisories/12201|ripMIME attachment extraction bypass|85e19dff-e606-11d8-9b0a-000347a4fa7d squid<2.5.5_11|http://www.osvdb.org/6791|Squid NTLM authentication helper overflow|f72ccf7c-e607-11d8-9b0a-000347a4fa7d acroread<5.09|http://www.osvdb.org/7429 http://freshmeat.net/projects/acrobatreader/?branch_id=92&release_id=164883|Acrobat Reader handling of malformed uuencoded pdf files|ab166a60-e60a-11d8-9b0a-000347a4fa7d -png<=1.2.5_7|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d -linux-png<=1.0.14_3|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d 
-linux-png>=1.2.*<=1.2.2|http://www.securityfocus.com/archive/1/370853 http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/236656 http://www.kb.cert.org/vuls/id/160448 http://www.kb.cert.org/vuls/id/477512 http://www.kb.cert.org/vuls/id/817368 http://www.kb.cert.org/vuls/id/286464|libPNG stack-based buffer overflow and other code concerns|f9e3e60b-e650-11d8-9b0a-000347a4fa7d diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 56635fed5c76..7ea68d9a286c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -66,6 +66,9 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <mlist msgid="200407222031.25086.bugtraq@beyondsecurity.com">http://www.securityfocus.com/archive/1/369706</mlist> <url>http://www.samba.org/samba/whatsnew/samba-3.0.5.html</url> <url>http://www.samba.org/samba/whatsnew/samba-2.2.10.html</url> + <url>http://www.osvdb.org/8190</url> + <url>http://www.osvdb.org/8191</url> + <url>http://secunia.com/advisories/12130</url> </references> <dates> <discovery>2004-07-14</discovery> @@ -233,6 +236,9 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </description> <references> <url>http://www.osvdb.org/6704</url> + <cvename>CAN-2004-0708</cvename> + <bid>10568</bid> + <url>http://secunia.com/advisories/11807</url> </references> <dates> <discovery>2004-05-04</discovery> 
@@ -4108,10 +4114,97 @@ misc.c: <url>http://bugzilla.mozilla.org/show_bug.cgi?id=252198</url> <url>http://www.nd.edu/~jsmith30/xul/test/spoof.html</url> <url>http://secunia.com/advisories/12188</url> + <bid>10832</bid> </references> <dates> <discovery>2004-07-19</discovery> <entry>2004-07-30</entry> </dates> </vuln> + + <vuln vid="f9e3e60b-e650-11d8-9b0a-000347a4fa7d"> + <topic>libPNG stack-based buffer overflow and other code concerns</topic> + <affects> + <package> + <name>png</name> + <range><le>1.2.5_7</le></range> + </package> + <package> + <name>linux-png</name> + <range><le>1.0.14_3</le></range> + <range><ge>1.2.*</ge><le>1.2.2</le></range> + </package> + <package> + <name>firefox</name> + <range><lt>0.9.3</lt></range> + </package> + <package> + <name>linux-mozilla</name> + <range><lt>1.7.2</lt></range> + </package> + <package> + <name>linux-mozilla-devel</name> + <range><lt>1.7.2</lt></range> + </package> + <package> + <name>mozilla</name> + <range><lt>1.7.2,2</lt></range> + <range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range> + </package> + <package> + <name>mozilla-gtk1</name> + <range><lt>1.7.2</lt></range> + </package> + <package> + <name>netscape-{communicator,navigator}</name> + <range><le>4.78</le></range> + </package> + <package> + <name>linux-netscape-{communicator,navigator}</name> + <name>{ja,ko}-netscape-{communicator,navigator}-linux</name> + <range><le>4.8</le></range> + </package> + <package> + <name>{,ja-}netscape7</name> + <range><le>7.1</le></range> + </package> + <package> + <name>{de-,fr-,pt_BR-}netscape7</name> + <range><le>7.02</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chris Evans has discovered multiple vulnerabilities in libpng, + which can be exploited by malicious people to compromise a + vulnerable system or cause a DoS (Denial of Service).</p> + </body> + </description> + <references> + <mlist 
msgid="Pine.LNX.4.58.0408041840080.20655@sphinx.mythic-beasts.com">http://www.securityfocus.com/archive/1/370853</mlist> + <url>http://scary.beasts.org/security/CESA-2004-001.txt</url> + <url>http://www.osvdb.org/8312</url> + <url>http://www.osvdb.org/8313</url> + <url>http://www.osvdb.org/8314</url> + <url>http://www.osvdb.org/8315</url> + <url>http://www.osvdb.org/8316</url> + <cvename>CAN-2004-0597</cvename> + <cvename>CAN-2004-0598</cvename> + <cvename>CAN-2004-0599</cvename> + <certvu>388984</certvu> + <certvu>236656</certvu> + <certvu>160448</certvu> + <certvu>477512</certvu> + <certvu>817368</certvu> + <certvu>286464</certvu> + <url>http://secunia.com/advisories/12219</url> + <url>http://secunia.com/advisories/12232</url> + <url>http://bugzilla.mozilla.org/show_bug.cgi?id=251381</url> + </references> + <dates> + <discovery>2004-08-04</discovery> + <entry>2004-08-04</entry> + <modified>2004-08-05</modified> + </dates> + </vuln> </vuxml> |
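Review bot: none of the reference additions to existing entries in security/vuxml/vuln.xml comes with a `<modified>` date: the hunks at @@ -66,6 +66,9 @@ and @@ -233,6 +236,9 @@ add `<url>`, `<cvename>` and `<bid>` lines with no change in the `<dates>` context that follows, and the entry that gains `<bid>10832</bid>` at @@ -4108,10 +4114,97 @@ still shows only `<discovery>2004-07-19</discovery>` and `<entry>2004-07-30</entry>`. If these reference changes should be visible to tools that track entry revisions, add or bump `<modified>` on each touched entry in the same commit.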
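Review bot: in the new `f9e3e60b-e650-11d8-9b0a-000347a4fa7d` entry added at @@ -4108,10 +4114,97 @@, `mozilla-gtk1` is bounded by `<lt>1.7.2</lt>` while `mozilla` is bounded by `<lt>1.7.2,2</lt>`. If mozilla-gtk1 carries the same port epoch as mozilla, a bound written without the epoch compares lower than every installed version and the package would never be reported, so please confirm the epoch and write the range exactly as the package version appears. The `<description>` also names only libpng, while `<affects>` lists firefox, mozilla and the netscape packages; one sentence saying why those packages are included would help readers of the audit output.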