Linux | Core Security

The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages.

Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system.

A design error has been discovered in GNOME's gEdit, which can be exploited by sending a malicious file to vulnerable victims.

This module exploits a specific flaw in the Hewlett-Packard Graphics Language

filter. Inadequate bounds checking on the pen width and pen color

opcodes result in an arbitrary memory overwrite allowing for the

execution of arbitrary code as the "hgltops" process uid.

-Linux Support added

This module exploits a vulnerability in Apple CUPS, when handling the IPP_TAG_UNSUPPORTED which could be exploited by attackers to cause a remote pre-authentication denial of service.

This module exploits a remote command injection vulnerability in Ston3DWebPlayer and Ston3DStandalonePlayer via an specially crafted STK file.

This module exploits a local privilege escalation vulnerability in certain packages shipped with Sun xVM VirtualBox for the Linux platform.

A design error has been discovered in GNOME's Dia, which can be exploited by sending a malicious file to vulnerable victims.

This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in the customdictionaryopen() method in Javascript api. This can be exploited to cause a heap overflow when a specially crafted PDF file is opened.

This module exploits a command injection in Adobe Flash Player triggered when processing a specially crafted SWF file. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This exploit needs the product Adobe Air (Any version) installed on the vulnerable system.

PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution.

Subscribe to Linux

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum