# $NetBSD: pkg-vulnerabilities,v 1.4094 2011/09/29 22:33:56 tez Exp $ # #FORMAT 1.0.0 # # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. # # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package. # # New entries should be added at the end of this file. # # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. # # The command to run for this update is "make upload", but it needs # access to the private GPG key for pkgsrc-security. # # If you have comments/additions/corrections, please contact # security-alert@NetBSD.org and/or pkgsrc-security@NetBSD.org. # # package type of exploit URL cfengine<1.5.3nb3 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc navigator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html navigator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc communicator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html communicator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc pine<4.30 remote-user-shell http://www.securityfocus.com/bid/1709 pine<4.21nb1 denial-of-service http://www.securityfocus.com/advisories/2646 imap-uw<4.7c6 denial-of-service http://www.securityfocus.com/advisories/2646 screen<3.9.5nb1 local-root-shell http://www.securityfocus.com/advisories/2634 ntop<1.1 remote-root-shell http://www.securityfocus.com/advisories/2520 wu-ftpd<2.6.1 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc wu-ftpd<2.4.2b18.2 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc xlockmore<4.17 local-root-file-view ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc lsof<4.41 local-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc wu-ftpd<2.6.0 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc racoon<20001004a local-root-file-view http://mail-index.NetBSD.org/tech-net/2000/09/24/0000.html global<3.56 remote-user-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=11165 apache<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 apache6<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 thttpd<2.20 remote-user-access http://www.dopesquad.net/security/advisories/20001002-thttpd-ssi.txt bind<8.2.2.7 denial-of-service http://www.isc.org/products/BIND/bind-security.html gnupg<1.0.4 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001017 pine<=4.21 remote-root-shell ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc navigator<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc navigator3<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding ethereal<=0.8.13 remote-root-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ffromthread%3D1%26end%3D2000-11-25%26mid%3D145761%26start%3D2000-11-19%26list%3D1%26threads%3D0%26 php<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-gd<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-ldap<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-mysql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-pgsql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-snmp<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 racoon<20001211a denial-of-service http://www.kame.net/ LPRng<3.6.25 remote-root-shell http://www.cert.org/advisories/CA-2000-22.html jakarta-tomcat<3.1.1 remote-server-admin http://jakarta.apache.org/site/news.html jakarta-tomcat<3.2.3 cross-site-html http://www.securityfocus.com/bid/2982 fsh<1.1 local-root-file-view http://lists.debian.org/debian-security-announce-00/msg00091.html bitchx<1.0.3.17nb1 remote-user-shell http://www.securityfocus.com/bid/2087 namazu<1.3.0.11 remote-file-creation http://www.namazu.org/security.html.en zope<2.2.5 weak-authentication http://www.zope.org/Products/Zope/ bind<8.2.3 remote-root-shell http://www.cert.org/advisories/CA-2001-02.html suse{,32}_base<6.4nb2 local-root-shell http://www.suse.com/de/support/security/2001_001_glibc_txt.txt ja-micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html camediaplay<20010211 local-user-shell ftp://ftp.itojun.org/pub/digi-cam/C-400/unix/README analog<4.16 remote-user-shell http://www.analog.cx/security2.html gnupg<1.0.4nb3 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001130 xemacs<21.1.14 remote-user-shell http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html sudo<1.6.3p6 local-root-shell http://www.openbsd.org/errata36.html#sudo Mesa-glx<=20000813 local-root-shell http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3?dis=7.2 apache<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html apache6<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html exmh<2.3 local-symlink-race http://www.beedub.com/exmh/symlink.html samba<2.0.8 local-symlink-race http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370 hylafax<4.1b3 local-root-shell http://www.securityfocus.com/archive/1/176716 squirrelmail<1.0.5 remote-user-access http://www.geocrawler.com/lists/3/SourceForge/599/500/5567091/ kdelibs-2.1 local-root-shell http://dot.kde.org/988663144/ icecast<1.3.10 remote-user-access http://www.securityfocus.com/bid/2264 joe<2.8nb1 local-file-write http://www.securityfocus.com/bid/1959 joe<2.8nb1 local-user-shell http://www.securityfocus.com/bid/2437 openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie w3m<0.2.1.0.19nb1 remote-user-shell http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html samba<2.0.10 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0nb1 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html fetchmail<5.8.8 remote-user-access http://www.securityfocus.com/vdb/?id=2877 openldap<1.2.12 denial-of-service http://www.cert.org/advisories/CA-2001-18.html horde<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 imp<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 fetchmail<5.8.17 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D203165 windowmaker<0.65.1 remote-user-shell http://www.debian.org/security/2001/dsa-074 sendmail<8.11.6 local-root-shell ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES gnut<0.4.27 remote-script-inject http://www.gnutelliums.com/linux_unix/gnut/ screen<3.9.10 local-root-shell http://freshports.org/files.php3?id=31131 openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29 w3m<0.2.1.0.19nb2 weak-authentication http://mi.med.tohoku.ac.jp/~satodai/w3m-dev/200109.month/2226.html procmail<3.20 local-root-shell http://www.somelist.com/mail.php/282/view/1200950 slrn<0.9.7.2nb1 remote-script-inject http://slrn.sourceforge.net/patches/index.html#subsect_decode nvi-m17n<1.79.19991117 local-user-shell http://www.securityfocus.com/archive/1/221880 mgetty<1.1.22 denial-of-service ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A71.mgetty.asc kdeutils-2.2.1 local-root-shell http://lists.kde.org/?l=kde-announce&m=100535642201983&w=2 imp<2.2.7 remote-file-view http://www.securityfocus.com/archive/1/225686 libgtop<1.0.12nb1 remote-user-shell http://www.intexxia.com/ wu-ftpd<=2.6.1 remote-root-shell http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/199.html radius-3.6B remote-user-shell http://xforce.iss.net/alerts/advise87.php exim<3.34 remote-user-shell http://www.exim.org/pipermail/exim-announce/2001q4/000048.html stunnel<3.22 remote-user-shell http://www.stunnel.org/patches/desc/formatbug_ml.html mutt<1.2.5.1 remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.1* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.2[0-4]* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html cyrus-sasl<1.5.27 remote-code-execution http://www.securityfocus.com/bid/3498 openldap<2.0.20 denial-of-service http://www.openldap.org/lists/openldap-announce/200201/msg00002.html xchat<1.8.7 remote-command-inject http://xchat.org/ enscript<1.6.1nb1 local-file-write http://www.securityfocus.com/bid/3920 rsync<2.5.2 remote-code-execution http://lists.samba.org/pipermail/rsync-announce/2002-January/000005.html squirrelmail-1.2.[0-3] remote-code-execution http://www.securityfocus.com/bid/3952 gnuchess<5.03 remote-user-shell http://linux.oreillynet.com/pub/a/linux/2002/01/28/insecurities.html ucd-snmp<4.2.3 weak-authentication http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3 denial-of-service http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3nb1 remote-user-shell http://www.securityfocus.com/archive/1/248141 squid<2.4.4 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_1.txt ap-php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.1pl2 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.3.0 remote-code-execution http://www.php.net/release_4_3_1.php radiusd-cistron<1.6.6 denial-of-service http://www.kb.cert.org/vuls/id/936683 radiusd-cistron<1.6.6 remote-code-execution http://www.kb.cert.org/vuls/id/589523 openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt htdig<3.1.6 denial-of-service http://online.securityfocus.com/bid/3410 htdig<3.1.6 local-user-file-view http://online.securityfocus.com/bid/3410 fileutils<4.1.7 local-file-removal http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002433.html zlib<1.1.4 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt rsync<2.5.3 remote-user-file-view http://lists.samba.org/pipermail/rsync-announce/2002-March/000006.html suse{,32}_base<6.4nb5 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt icecast<1.3.11 remote-root-shell http://www.debian.org/security/2001/dsa-089 sun-{jre,jdk}<1.3.1.0.2 remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba analog<5.22 remote-script-inject http://www.analog.cx/docs/whatsnew.html jakarta-tomcat<3.2.3nb1 cross-site-scripting http://httpd.apache.org/info/css-security/ sudo<1.6.6 local-root-shell http://www.globalintersec.com/adv/sudo-2002041701.txt squirrelmail<1.2.6 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00414.html analog<5.23 denial-of-service http://www.analog.cx/security5.html icecast<1.3.12 denial-of-service http://online.securityfocus.com/bid/4415 qpopper<4.0.4 denial-of-service http://online.securityfocus.com/bid/4295 qpopper<4.0.4nb1 local-root-shell http://online.securityfocus.com/bid/4614 imap-uw<2001.1 local-root-shell http://online.securityfocus.com/bid/4713 fetchmail<5.9.10 remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146 gaim<0.58 local-user-file-view http://online.securityfocus.com/archive/1/272180 mozilla<1.0rc3 remote-user-file-view http://groups.google.com/groups?as_umsgid=3CD095D4.9050003%40mozilla.org&hl=en ethereal<0.9.4 remote-user-access http://www.ethereal.com/appnotes/enpa-sa-00004.html bind-9.[01].* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.0* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.1rc* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-8.3.0 denial-of-service http://www.isc.org/products/BIND/bind8.html xchat<1.8.9 remote-user-shell http://www.linuxsecurity.com/advisories/redhat_advisory-2107.html apache<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache6<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.1? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.2? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.3[0-8]* remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt irssi<0.8.5 denial-of-service http://online.securityfocus.com/archive/1 #ap-ssl<2.8.10 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt ap-ssl<2.8.10 remote-root-shell http://www.modssl.org/news/changelog.html apache<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt apache6<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt bind<4.9.7nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat12<=1.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat13<=1.3.3nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html compat14<=1.4.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html openssh<3.4 remote-root-shell http://online.securityfocus.com/bid/5093 #bind<=9.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html bind<8.3.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html socks5<1.0.2nb2 remote-root-shell http://online.securityfocus.com/archive/1/9842 socks5-1.0.[3-9]* remote-root-shell http://online.securityfocus.com/archive/2/9842 socks5-1.0.1[0-1]* remote-root-shell http://online.securityfocus.com/archive/2/9842 ipa<1.2.7 local-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=17434 ethereal<0.9.5 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00005.html squid<2.4.7 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_3.txt nn<6.6.4 remote-user-shell http://online.securityfocus.com/bid/5160 inn<2.3.0 remote-user-shell http://online.securityfocus.com/bid/2620 cvsup-gui<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html cvsup<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html xpilot<4.5.1 remote-user-shell http://online.securityfocus.com/bid/4534 gnut<0.4.28 remote-user-shell http://online.securityfocus.com/bid/3267/ wwwoffle<2.7c denial-of-service http://bespin.org/~qitest1/adv/wwwoffle-2.7b.asc png<1.2.4 remote-user-shell ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html ap-php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html srp_client<1.7.5 unknown http://www-cs-students.stanford.edu/~tjw/srp/download.html hylafax<4.1.3 remote-root-shell http://www.securityfocus.com/bid/3357 openssl<0.9.6e remote-root-shell http://www.openssl.org/news/secadv_20020730.txt libmm<1.2.1 local-root-shell http://online.securityfocus.com/bid/5352 openssl<0.9.6f denial-of-service http://www.openssl.org/news/secadv_20020730.txt png<=1.0.12 remote-user-shell http://online.securityfocus.com/bid/5409 kdelibs-2.1.* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.1* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.2{,nb1} weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-3.0.[12] weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 arla<=0.35.8 denial-of-service http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html arla<=0.35.8 remote-root-shell http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html ethereal<0.9.6 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00006.html bind<4.9.10 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14-crypto<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 postgresql-server<7.2.2 remote-code-execution http://online.securityfocus.com/archive/1/288998 gaim<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 gaim-gnome<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 mozilla<1.1 remote-file-read http://archives.neohapsis.com/archives/bugtraq/2002-07/0259.html mozilla<1.1 remote-file-read http://www.geocities.co.jp/SiliconValley/1667/advisory03e.html freebsd_lib<=2.2.7 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html opera<6.03 remote-user-shell http://www.opera.com/linux/changelog/log603.html wmnet<1.06nb3 local-root-shell http://www.securiteam.com/unixfocus/5HP0F1P8AM.html apache-2.0.3[0-9]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 apache-2.0.4[0-1]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 fetchmail<=6.0.0 remote-code-execution http://security.e-matters.de/advisories/032002.html unzip<=5.42 local-file-write http://online.securityfocus.com/archive/1/196445 apache-2.0.3[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache-2.0.4[0-2]* remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 net-snmp<5.0.5 denial-of-service http://sourceforge.net/forum/forum.php?forum_id=215540 sendmail<8.12.6nb1 local-user-shell http://www.sendmail.org/smrsh.adv.txt apache<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache6<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache6<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache6<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 gv<3.5.8nb2 local-user-shell http://www.epita.fr/~bevand_m/asa/asa-0000 logsurfer<1.5.2 local-user-shell http://www.cert.dfn.de/eng/team/wl/logsurf/ suse{,32}_base<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html suse{,32}_devel<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html kdegraphics<2.2.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdegraphics-3.0.[123]* remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdenetwork-3.0.[123]* remote-file-read http://www.kde.org/info/security/advisory-20021008-2.txt gtar-base<1.13.25 local-file-write http://online.securityfocus.com/archive/1/196445 kth-krb4<1.2.1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/6049 inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/4501 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5825 fetchmail<6.1.0 denial-of-service http://online.securityfocus.com/bid/5826 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5827 squirrelmail<1.2.8 remote-script-inject http://online.securityfocus.com/bid/5763 bind<4.9.10nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html bind<8.3.3nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html samba-2.2.[2-6]* remote-root-shell http://www.samba.org/samba/whatsnew/samba-2.2.7.html windowmaker<0.80.2 remote-user-shell http://www.windowmaker.org/ ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619 w3m<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html w3m-img<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html Canna-server-bin<3.5.2nb3 remote-root-shell http://canna.sourceforge.jp/sec/Canna-2002-01.txt windowmaker<0.80.2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277 kdelibs-2.1.* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.1* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.2{,nb[123]} remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.[123]* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.4 remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdenetwork-2.[12]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.[123]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.4{,nb1} remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt cyrus-imapd<2.0.17 remote-code-execution http://www.securityfocus.com/bid/6298 cyrus-imapd-2.1.9{,nb1} remote-code-execution http://www.securityfocus.com/bid/6298 imap-uw<2002.1rc1 remote-code-execution http://www.kb.cert.org/vuls/id/961489 cyrus-sasl-2.1.9{,nb[12]} remote-code-execution http://online.securityfocus.com/archive/1/302603 fetchmail<6.2.0 remote-code-execution http://security.e-matters.de/advisories/052002.html mysql-client<3.23.49nb2 remote-code-execution http://security.e-matters.de/advisories/042002.html mysql-server<3.23.49nb1 remote-code-execution http://security.e-matters.de/advisories/042002.html pine<4.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 w3m{,-img}<0.3.2.2 remote-file-read http://sourceforge.net/project/shownotes.php?group_id=39518&release_id=126233 ethereal<0.9.8 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00007.html wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt cups<1.1.18 remote-root-shell http://www.idefense.com/advisory/12.19.02.txt png<1.2.5nb2 unknown ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212 leafnode<1.9.30 denial-of-service http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0123.html cups<=1.1.17 local-code-execution http://online.securityfocus.com/bid/6475 xpdf<=2.01 local-code-execution http://online.securityfocus.com/bid/6475 mhonarc<2.5.14 cross-site-scripting http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com libmcrypt<2.5.5 remote-user-shell http://online.securityfocus.com/archive/1/305162/2003-01-01/2003-01-07/0 kdebase<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegames<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegraphics<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdelibs<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdemultimedia<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdenetwork<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdepim<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdesdk<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdeutils<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt cvs<1.11.4nb1 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=51 gabber<0.8.7nb4 privacy-leak http://online.securityfocus.com/archive/1/307430 spamassassin<=2.43nb1 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html p5-Mail-SpamAssassin<=2.43nb1 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html squirrelmail<1.2.11 cross-site-scripting http://www.squirrelmail.org/ openssl<0.9.6gnb1 weak-encryption http://www.openssl.org/news/secadv_20030219.txt php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.3{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 sendmail<8.11.6nb3 remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7] remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7]nb* remote-code-execution http://www.cert.org/advisories/CA-2003-07.html snort<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-pgsql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-mysql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 hypermail<2.1.7 remote-code-execution http://www.hypermail.org/mail-archive/2003/Feb/0025.html zlib<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107 ethereal-0.8.[7-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html ethereal-0.9.[0-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html qpopper<4.0.5 remote-user-shell http://archives.neohapsis.com/archives/bugtraq/2003-03/0152.html ircII<20030313 remote-code-execution http://eterna.com.au/ircii/ samba<2.2.8 remote-code-execution http://us1.samba.org/samba/whatsnew/samba-2.2.8.html openssl<0.9.6gnb2 remote-key-theft http://www.openssl.org/news/secadv_20030317.txt openssl<0.9.6gnb2 remote-use-of-secret http://www.openssl.org/news/secadv_20030319.txt mutt<1.4.1 remote-code-execution http://www.securityfocus.com/archive/1/315771/2003-03-19/2003-03-25/0 rxvt<2.7.10 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 eterm<0.9.2 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 apcupsd<3.8.6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0098 apcupsd-3.10.[0-4] remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0098 ap-php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ja-samba<2.2.7.1.1.1 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030317-2.html bitchx<1.0.3.19nb1 remote-code-execution http://www.securityfocus.com/archive/1/315057 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apache-2.0.4[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apcupsd<3.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 apcupsd-3.10.[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 setiathome<3.08 remote-code-execution http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Seti@home samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html mgetty+sendfax<1.1.29 file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392 mgetty+sendfax<1.1.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391 ja-samba<2.2.7.2.1.0 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030409-2.html kde<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdelibs<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdebase<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdegraphics<3.1.1nb2 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt snort<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-pgsql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-mysql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 poppassd<4.0.5nb1 local-root-shell http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0 ethereal<0.9.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00009.html gnupg<1.2.2 weak-authentication http://www.securityfocus.com/archive/1/320444 lv<4.49.5 local-code-execution http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=190941 bitchx<1.0.3.19nb2 denial-of-service http://www.securityfocus.com/archive/1/321093 suse{,32}_libpng<7.3nb1 remote-user-shell http://www.suse.com/de/security/2003_004_libpng.html apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 apache-2.0.4[0-5] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 suse{,32}_base<7.3nb4 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html suse{,32}_devel<7.3nb2 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html cups<1.1.19 denial-of-service http://www.cups.org/str.php?L75 speakfreely<=7.5 remote-code-execution http://www.securityfocus.com/archive/1/324257/2003-06-06/2003-06-12/0 ethereal<0.9.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00010.html xpdf<2.02pl1 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.07 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.08 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-July/006342.html ImageMagick<5.5.7.1 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455 apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 apache-2.0.4[0-6] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 falcons-eye<1.9.3nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 xconq<7.4.1nb1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607 mhonarc<2.6.4 cross-site-scripting http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3128&group_id=1968 wu-ftpd<=2.6.2 remote-root-shell http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt lftp<2.5.3 remote-user-shell http://freshmeat.net/releases/87364/ postfix<=1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 postfix<=1.1.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 xfstt<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581 xfstt<1.5.1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625 stunnel<3.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 stunnel-4.0[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/ horde<2.2.4rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 imp<3.2.2rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 gopher<3.0.6 remote-root-shell http://www.securityfocus.com/archive/1/328843/2003-08-18/2003-08-24/2 unzip<5.50nb2 weak-path-validation http://www.securityfocus.com/archive/1/334070/2003-08-18/2003-08-24/2 xmule<=1.4.3 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-August/008449.html sendmail-8.12.[0-8]nb* denial-of-service http://www.sendmail.org/dnsmap1.html exim<3.36 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html exim>=4<4.22 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html leafnode<1.9.42 denial-of-service http://www.securityfocus.com/archive/1/336186 p5-Apache-Gallery<0.7 local-user-shell http://www.securityfocus.com/archive/1/336583/2003-09-06/2003-09-12/0 pine<4.58 remote-code-execution http://www.idefense.com/advisory/09.10.03.txt net-snmp<5.0.9 privacy-leak http://sourceforge.net/forum/forum.php?forum_id=308015 gtkhtml<1.1.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541 sane-backends<1.0.11 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 sane-backends<1.0.11 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 apache<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 apache6<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 mysql-server<3.23.49nb5 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv sendmail<8.12.10 unknown http://www.sendmail.org/8.12.10.html thttpd<2.23.0.1nb1 remote-code-execution http://marc.theaimsgroup.com/?l=thttpd&m=106402145912879&w=2 openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv proftpd<1.2.8nb2 remote-root-shell http://xforce.iss.net/xforce/alerts/id/154 cfengine-2.0.[0-7]* remote-code-execution http://www.securityfocus.com/archive/1/339083/2003-09-22/2003-09-28/0 mplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 gmplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 marbles<1.0.2nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830 ncftp3<3.1.6 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 openssl<0.9.6k remote-root-shell http://www.openssl.org/news/secadv_20030930.txt vmware3<3.2.1pl1 local-root-shell http://marc.theaimsgroup.com/?l=gentoo-announce&m=106181867621048&w=2 fetchmail<6.2.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790 kdelibs<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ kdebase<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ silc-client<0.9.13 denial-of-service http://silcnet.org/txt/security_20031016_1.txt silc-server<0.9.14 denial-of-service http://silcnet.org/txt/security_20031016_1.txt sylpheed-claws-0.9.4{,nb1} denial-of-service http://www.guninski.com/sylph.html vtun<2.6nb1 privacy-leak ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch libnids<=1.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 apache<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache6<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 apache-2.0.4[0-7] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 sun-{jre,jdk}13<1.0.9 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity sun-{jre,jdk}14<2.0 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity thttpd<2.24 remote-code-execution http://www.texonet.com/advisories/TEXONET-20030908.txt coreutils<5.0nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 coreutils<5.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 hylafax<4.1.8 remote-code-execution http://www.securiteam.com/unixfocus/6O00D0K8UI.html quagga<0.96.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 zebra<0.93bnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 pan<0.13.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855 ethereal<0.9.15 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00011.html mozilla{,-bin}<1.5 remote-code-execution http://www.mozilla.org/projects/security/known-vulnerabilities.html screen<4.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972 gnupg<1.2.3nb2 weak-authentication http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html rsync<2.5.7 remote-user-shell http://www.mail-archive.com/rsync@lists.samba.org/msg08782.html audit-packages<1.26 no-exploit-but-less-integrity-so-please-upgrade http://mail-index.netbsd.org/tech-pkg/2003/11/30/0001.html cvs<1.11.10 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=84 lftp<2.6.10 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html opera<7.23 remote-file-delete http://opera.rainyblue.org/modules/cjaycontent/index.php?id=1 mgetty+sendfax<=1.1.30 file-permissions http://mail-index.netbsd.org/tech-pkg/2003/11/18/0003.html cvs<1.11.11 privilege-escalation https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=88 ethereal<0.10.0 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00012.html bind<8.4.3 cache-poisoning http://www.kb.cert.org/vuls/id/734644 mpg321<0.2.10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 mailman<2.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965 racoon<20040116a remote-sa-delete http://www.securityfocus.com/archive/1/349756 gaim<0.75nb1 remote-code-execution http://security.e-matters.de/advisories/012004.html freeradius<0.9.3 denial-of-service http://www.freeradius.org/security.html#0.9.2 libtool-base<1.5.2nb3 local-symlink-race http://www.securityfocus.com/archive/1/352519 jitterbug<1.6.2nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 mpg123<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-esound<0.59.18nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-nas<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 clamav<0.66 denial-of-service http://www.securityfocus.com/archive/1/353186 mutt<1.4.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078 metamail<2.7nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104 xboing<2.4nb2 privilege-escalation http://www.debian.org/security/2004/dsa-451 libxml2<2.6.6 remote-user-shell http://lists.gnome.org/archives/xml/2004-February/msg00070.html automake<1.8.3 privilege-escalation http://www.securityfocus.com/archive/1/356574/2004-03-05/2004-03-11/2 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.? remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.4[0-8] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache6<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 gdk-pixbuf<0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111 openssl<0.9.6l denial-of-service http://www.openssl.org/news/secadv_20031104.txt openssl<0.9.6m denial-of-service http://www.openssl.org/news/secadv_20040317.txt isakmpd<=20030903nb1 denial-of-service http://www.rapid7.com/advisories/R7-0018.html ghostscript-gnu<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-nox11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-x11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 python22<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 python22-pth<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 squid<2.5.5 weak-acl-enforcement http://www.squid-cache.org/Advisories/SQUID-2004_1.txt ethereal<0.10.3 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00013.html mplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 gmplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 mencoder<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 heimdal<0.6.1 remote-trust http://www.pdc.kth.se/heimdal/advisory/2004-04-01/ uulib<0.5.20 archive-code-execution http://www.securityfocus.com/bid/9758 racoon<20040408a weak-authentication http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html xchat<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7] remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7]nb* remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8nb1 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-gnome<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html cvs<1.11.15 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=102 neon<0.24.5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179 tla<1.2.1rc1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 cadaver<0.22.1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 lha<1.14i local-code-execution http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm mplayer>=1.0rc0<1.0rc4 remote-code-execution http://www.mplayerhq.hu/homepage/design6/news.html xine-lib-1rc[0-2]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 xine-lib-1rc3[ab]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 rsync<2.6.1 remote-file-write http://rsync.samba.org/#security_apr04 exim<3.36nb2 remote-code-execution http://www.guninski.com/exim1.html exim>=4<4.30 remote-code-execution http://www.guninski.com/exim1.html exim-exiscan-4.[0-2]* remote-code-execution http://www.guninski.com/exim1.html pine<4.58nb4 local-symlink-race http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=22226 xine-lib-1rc[0-3]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-3 global<4.6 remote-exec http://savannah.gnu.org/forum/forum.php?forum_id=2029 opera<7.50 remote-file-write http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true lha<114.9nb2 remote-code-execution http://www.securityfocus.com/bid/10243 apache<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache6<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache6<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache6<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 kdelibs<3.2.2nb2 remote-file-write http://www.kde.org/info/security/advisory-20040517-1.txt subversion-base<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 subversion-base<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap2-subversion<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap2-subversion<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 neon<0.24.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cvs-1.11.1[0-5] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cadaver<0.22.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 ap-ssl<2.8.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 squirrelmail<1.4.3 cross-site-scripting http://www.securityfocus.com/bid/10246/ ethereal<0.10.4 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00014.html apache-2.0.49{,nb1} remote-code-execution http://www.securityfocus.com/bid/10355 roundup<0.7.3 remote-file-read http://cvs.sourceforge.net/viewcvs.py/*checkout*/roundup/roundup/CHANGES.txt?rev=1.533.2.21 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.1[0-6]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 subversion-base<1.0.5 denial-of-service http://www.contactor.se/~dast/svn/archive-2004-06/0331.shtml racoon<20040617a weak-authentication http://www.securitytracker.com/alerts/2004/Jun/1010495.html mit-krb5<1.3.4 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt imp<3.2.4 cross-site-scripting http://securityfocus.com/bid/10501/info/ gmplayer<1.0rc4nb2 remote-code-execution http://www.open-security.org/advisories/5 ethereal<0.10.5 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00015.html courier-auth<0.45 remote-code-execution http://www.securityfocus.com/bid/9845 courier-imap<3.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 sqwebmail<4.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 ap-ssl<2.8.19 remote-code-execution http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html ap2-subversion<1.0.6 weak-acl-enforcement http://www.contactor.se/~dast/svn/archive-2004-07/0814.shtml samba<2.2.10 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html samba-3.0.[0-4]{,a*,nb?} remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html ja-samba<2.2.9.1.0nb1 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html acroread5<5.09 arbitrary-code-execution http://kb2.adobe.com/cps/322/322914.html png<1.2.6rc1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-7.3{,nb1} remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-9.1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng<=6.4 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 cfengine-2.0.* remote-code-execution http://www.securityfocus.org/advisories/7045 cfengine-2.1.[0-7] remote-code-execution http://www.securityfocus.org/advisories/7045 spamassassin<2.64 denial-of-service http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2 kdelibs<3.2.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 kdelibs<3.2.3nb2 local-account-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 kdelibs<3.2.3nb2 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 kdebase<3.2.3nb1 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 opera<7.54 remote-file-read http://www.greymagic.com/security/advisories/gm008-op/ opera<7.54 www-address-spoof http://secunia.com/advisories/12162 rsync<2.6.2nb1 remote-file-access http://samba.org/rsync/#security_aug04 lukemftpd-[0-9]* remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc tnftpd<20040810 remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc demime<1.1d denial-of-service http://scifi.squawk.com/demime.html kdelibs<3.2.3nb2 www-session-fixation http://www.kde.org/info/security/advisory-20040823-1.txt fidogate<4.4.9nb1 local-file-write http://sourceforge.net/tracker/index.php?func=detail&aid=1013726&group_id=10739&atid=310739 qt3-libs<3.3.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=0 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=1 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=2 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=3 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=4 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=5 gaim<0.82 denial-of-service http://gaim.sourceforge.net/security/index.php?id=6 zlib<1.2.1nb2 denial-of-service http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html imlib2<1.1.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 mit-krb5<1.3.4nb2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt mit-krb5<1.3.4nb2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt mpg123<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-esound<0.59.18nb2 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-nas<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 heimdal<0.6.3 remote-root-access http://www.pdc.kth.se/heimdal/advisory/2004-09-13/ MozillaFirebird{,-gtk2}{,-bin}<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ mozilla<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-bin<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-gtk2<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ thunderbird<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-bin<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-gtk2<0.8 remote-code-execution http://secunia.com/advisories/12526/ xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 sudo-1.6.8 local-file-read http://www.sudo.ws/sudo/alerts/sudoedit.html apache-2.0.[0-4]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 wv<=1.0.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 apache-2.0.51 weak-acl-enforcement http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31315 apache-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 apache6-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 ImageMagick<6.0.6.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827 ap2-subversion<1.0.8 metadata-leak http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt squid<2.5.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html gzip-base<1.2.4b remote-code-execution http://www.securityfocus.com/bid/3712 squid<2.5.7 denial-of-service http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities tiff<3.6.1nb4 remote-code-execution http://scary.beasts.org/security/CESA-2004-006.txt tiff<3.6.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 tiff<3.6.1nb4 denial-of-service http://securitytracker.com/id?1011674 ap-ssl<2.8.20 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 sox<12.17.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557 ssmtp<2.61 remote-user-access http://lists.debian.org/debian-security-announce-2004/msg00084.html kdegraphics-3.2.* denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt kdegraphics-3.3.{0,0nb1,1} denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt samba-2.2.[1-9] denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.10 denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.[1-9] remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 samba-2.2.{10,11} remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 ja-samba<2.2.12.0.9.1 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 postgresql-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql73-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql74-server-7.4.[1-5]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 cabextract<1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916 mpg123<=0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-esound<=0.59.18nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-nas<=0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 socat<=1.4.0.2 privilege-escalation http://www.nosystem.com.ar/advisories/advisory-07.txt ruby-base<1.6.8nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983 gnats<4 privilege-escalation http://www.securityfocus.com/archive/1/326337 mozilla<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ mozilla-bin<1.7.3nb1 local-file-write http://secunia.com/advisories/12956/ mozilla-gtk2<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ MozillaFirebird{,-gtk2}{,-bin}<1.0 local-file-write http://secunia.com/advisories/12956/ firefox<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-bin<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2-bin<1.0 local-file-write http://secunia.com/advisories/12956/ thunderbird<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-gtk2<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-bin<0.8nb1 local-file-write http://secunia.com/advisories/12956/ sudo<1.6.8pl3 privilege-escalation http://www.gratisoft.us/sudo/alerts/bash_functions.html gnats<4.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961 samba<2.2.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba-3.0.[0-7]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba-3.0.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 ja-samba-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 squirrelmail<1.4.3anb1 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 ja-squirrelmail<1.4.3anb3 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 snownews<1.5 unsafe-umask http://kiza.kcore.de/software/snownews/changes#150 liferea<0.6.2 unsafe-umask http://sourceforge.net/project/shownotes.php?release_id=282434 libxml2<2.6.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 libxml<1.8.17nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 sun-{jre,jdk}13<1.0.12nb1 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 xpdf<3.00pl1 remote-code-execution http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml php-curl<=4.3.1 local-file-read http://www.securityfocus.com/bid/11557 jabberd-2.0s[23]* remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd-2.0s4 remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd<1.4.2nb4 denial-of-service http://www.securityfocus.com/archive/1/375955 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 imlib<1.9.15nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 kdelibs<3.3.2nb1 plain-text-password-exposure http://www.kde.org/info/security/advisory-20041209-1.txt kdegraphics<3.3.2 denial-of-service http://www.kde.org/info/security/advisory-20041209-2.txt kdelibs<3.3.2nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt kdebase<3.3.2nb1 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt phpmyadmin-2.6.0-pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.[4-5]* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0-pl* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 namazu<2.0.14 cross-site-scripting http://www.namazu.org/security.html.en {ap-,}php<4.3.10 remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php<4.3.10 local-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* local-code-execution http://www.hardened-php.net/advisories/012004.txt cyrus-imapd-2.2.[4-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-5]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-7]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[7-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd<2.1.18 remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd<2.1.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 ethereal-0.9.* remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html ethereal-0.10.[0-7]{,nb*} remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html tcpdump<3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 tcpdump<=3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 netpbm<9.26 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924 pwlib<1.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 leafnode<1.9.48 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2004-01 lbreakout<2.4beta2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158 ap-python<2.7.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973 logcheck<1.1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404 zope<2.5.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688 flim<1.14.3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422 gnome-vfs<1.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494 cups<1.1.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 openoffice<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 openoffice-linux<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 apache-2.0.51* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.0.[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.0.[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.0.1[0-8] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.0.1[0-8]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.1.[01] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server-4.1.[01]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 mysql-server<3.23.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.1[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.1[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server-4.0.20nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 mysql-server<3.23.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.1[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.1[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 mysql-server-4.0.20nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 cyrus-sasl<2.1.19 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889 cups<1.1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923 apache-2.0.3[5-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.3[5-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2]nb[1-4] weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 openmotif<2.1.30nb3 denial-of-service http://www.ics.com/developers/index.php?cont=xpm_security_alert catdoc<=0.91 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 gd<2.0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941 gd<2.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990 ImageMagick<6.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 lesstif<0.94.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xorg-libs<6.8.1nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 XFree86-libs<4.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xpm<3.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 groff<1.19.1nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969 zip<2.3nb3 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010 openssl<0.9.6mnb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975 mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities cscope<15.4nb4 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996 acroread5<5.10 remote-code-execution http://www.adobe.com/support/techdocs/331153.html a2ps<4.13.0.2nb5 unsafe-shell-escape http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 a2ps<4.13.0.2nb7 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023 tiff<3.6.1nb6 buffer-overrun http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities xpdf<3.00pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities xzgv<0.8.0.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994 xine-lib-1rc[2-5]* remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-4 xine-lib<1rc6 remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-5 gpdf<2.8.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 koffice<1.3.5 integer-overflow http://kde.org/areas/koffice/releases/1.3.4-release.php pdfTexinteTexbin=4<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html exim-exiscan<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html vim<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk2<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-kde<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-motif<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-xaw<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 pcal<4.7nb1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289 tnftp<20050103 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/tnftp.txt napshare<1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286 yamt<0.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302 cups-1.1.2[12]* denial-of-service http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042 dillo<0.8.3nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012 tiff<3.6.1nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 hylafax<4.2.1 weak-acl-enforcement http://www.hylafax.org/4.2.1.html teTeX-bin<2.0.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 teTeX-bin<2.0.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 awstats<6.3 local-code-execution http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities ImageMagick<6.1.8.8 remote-code-execution http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities xpdf<3.00pl3 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities cups<1.1.23nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities kdegraphics<3.3.2nb3 remote-code-execution http://www.kde.org/info/security/advisory-20050119-1.txt mysql-client<3.23.58nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.[0-9]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.1[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.2[0-2]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.23 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.[0-8]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 ethereal<0.10.9 denial-of-service http://ethereal.com/appnotes/enpa-sa-00017.html ethereal<0.10.9 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00017.html koffice<1.3.5nb4 remote-code-execution http://www.kde.org/info/security/advisory-20050120-1.txt squid<2.5.7nb5 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_1.txt squid<2.5.7nb6 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094 squid<2.5.7nb7 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2005_2.txt squid<2.5.7nb8 denial-of-service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting unarj<2.65nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947 unarj<2.65nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027 suse{,32}_libtiff<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 suse{,32}_x11<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 webmin<1.160 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559 teTeX-bin<2.0.2nb5 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 sun-{jre,jdk}13<1.0.13 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 evolution12<1.2.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution14<1.4.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution<2.0.3nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 enscript<1.6.3nb1 remote-code-execution http://www.securityfocus.org/advisories/7879 bind-8.4.[4-5]{,nb*} denial-of-service http://www.kb.cert.org/vuls/id/327633 bind-9.3.0 denial-of-service http://www.kb.cert.org/vuls/id/938617 squid<2.5.7nb9 cache-poisoning http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting p5-DBI<1.46nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077 f2c<20001205nb8 local-file-write http://www.debian.org/security/2005/dsa-661 squid<2.5.7nb10 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_3.txt zope25-Silva<0.9.2.8 privilege-escalation http://mail.zope.org/pipermail/zope-announce/2005-February/001653.html postgresql-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql73-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql74-server-7.4.[1-6]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql80-server-8.0.0* privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 python22<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python22-pth<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-pth<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-nth<2.3.4nb2 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24-pth<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ py{15,20,21,22,23,24,25,26,27,31}-xmlrpc<=0.9.8 remote-code-execution http://www.python.org/security/PSF-2005-001/ opera<7.54pl2 remote-code-execution http://secunia.com/advisories/13818/ opera<=7.54pl2 www-address-spoof http://secunia.com/advisories/14154/ firefox{,-bin,-gtk2,-gtk2-bin}<=1.0 www-address-spoof http://secunia.com/advisories/14163/ mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5 www-address-spoof http://secunia.com/advisories/14163/ kdebase<=3.3.2nb1 www-address-spoof http://secunia.com/advisories/14162/ apache-2.0.5[0-2]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 fprot-workstation-bin<4.5.3 local-code-execution http://www.f-secure.com/security/fsc-2005-1.shtml mailman<2.1.4nb3 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202 awstats<=6.3nb3 denial-of-service http://www.securityfocus.com/archive/1/390368 awstats<=6.3nb3 remote-code-execution http://www.securityfocus.com/archive/1/390368 sympa<=4.1.2nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073 bidwatcher<1.3.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158 kdeedu<=3.3.2 privilege-escalation http://www.kde.org/info/security/advisory-20050215-1.txt emacs-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3nb[0-6] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3nb[0-1] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs<20.7nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs-nox11<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xview-lib<3.2.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076 clamav<0.82 denial-of-service http://www.securityfocus.com/bid/12408?ref=rss phpmyadmin<2.6.1pl1 cross-site-scripting http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408 phpmyadmin<2.6.1pl1 privacy-leak http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408 curl<7.12.2nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities curl-7.1{2.3,2.3nb1,3.0} remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=7 gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=8 gaim<1.0.2 buffer-overrun http://gaim.sourceforge.net/security/index.php?id=9 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=10 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=11 gaim<1.1.4 denial-of-service http://gaim.sourceforge.net/security/index.php?id=12 unzip<5.52 privilege-escalation http://www.securityfocus.com/archive/1/391677 kdebase<3.3.2 command-injection http://www.kde.org/info/security/advisory-20050101-1.txt kdebase<3.0.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078 squid<2.5.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 ja-squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 gcpio<2.5nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572 squid<2.5.8 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173 squid<2.5.8 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479 squid<2.5.7nb4 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194 squid<2.5.7nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718 php<3.0.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 php<3.0.19 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 mailman<2.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 ap-python<2.7.9 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 ja-squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 mailman<2.1.5 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143 htdig<3.1.6nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085 postgresql-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql73-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql74-lib<7.4.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql80-lib<8.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 # intagg not installed #postgresql73-lib-7.3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql74-lib-7.4.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql80-lib-8.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 postgresql-lib-7.3.[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql73-lib<7.3.9nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql74-lib<7.4.7nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql80-lib<8.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 gftp<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 gftp-gtk1<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 vim-share<6.3.046 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069 imap-uw<2004b remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198 unace<1.2.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160 unace<1.2.2nb1 no-path-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161 wu-ftpd<2.6.2nb3 denial-of-service http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities cups<1.1.23nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 ImageMagick<6.2.0.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 cyrus-sasl<2.1.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373 kdenetwork<=3.1.5 local-domain-spoofing http://www.kde.org/info/security/advisory-20050228-1.txt realplayer<10.6 remote-code-execution http://service.real.com/help/faq/security/050224_player RealPlayerGold<10.0.2 remote-code-execution http://service.real.com/help/faq/security/050224_player firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing http://www.mozilla.org/security/announce/mfsa2005-16.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak http://www.mozilla.org/security/announce/mfsa2005-19.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing http://www.mozilla.org/security/announce/mfsa2005-23.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html sylpheed<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-claws<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 ethereal<0.10.10 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00018.html xpm<3.4knb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 openmotif<2.1.30nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 lesstif<0.94.0nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 libexif<0.6.11nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server<4.0.24 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.10{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 kdelibs<3.3.2nb8 denial-of-service http://www.kde.org/info/security/advisory-20050316-1.txt kdelibs<3.3.2nb8 domain-name-spoofing http://www.kde.org/info/security/advisory-20050316-2.txt kdelibs<3.3.2nb8 local-file-write http://www.kde.org/info/security/advisory-20050316-3.txt sun-{jre,jdk}14<2.7 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 xli<1.17.0nb2 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638 xli<1.17.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639 xli<1.17.0nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wine>20000000<20050419 insecure-temp-file http://www.securityfocus.com/archive/1/393150/2005-03-14/2005-03-20/0 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 ipsec-tools<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-30.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-31.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-32.html sylpheed<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-claws<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 gnupg<1.4.1 information-leak http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html mit-krb5<1.4nb1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 horde-3.0.[0-3]* cross-site-scripting http://secunia.com/advisories/14730/ gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772 gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773 squid<2.5.9nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626 gtk2+<2.6.4nb1 denial-of-service http://secunia.com/advisories/14775/ gdk-pixbuf<0.22.0nb5 denial-of-service http://secunia.com/advisories/14776/ phpmyadmin<2.6.2rc1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=13 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=14 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=15 xorg-libs<6.8.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 XFree86-libs<=4.5.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 netscape7-[0-9]* privacy-leak http://secunia.com/advisories/14804/ netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/14996/ gsharutils<4.2.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957 sun-{jre,jdk}15-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}14-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 kdelibs-3.4.0{,nb1,nb2} buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 kdelibs<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 gnome-vfs2-cdda-2.10.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2<2.6.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2-cdda<2.8.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs<1.0.5nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 libcdaudio<0.99.12nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gld<1.5 remote-code-execution http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0005.html pine<4.62nb2 local-file-write http://secunia.com/advisories/14899/ openoffice<1.1.4nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-linux<1.1.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-bin<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 postgrey<1.21 denial-of-service http://secunia.com/advisories/14958/ php-exif<4.3.11 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 php-exif<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 cvs<1.11.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 realplayer<10.6 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html RealPlayerGold<10.0.4 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html heimdal<0.6.4 remote-code-execution http://www.pdc.kth.se/heimdal/advisory/2005-04-20/ mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 quanta-3.1.* remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev-3.4.0 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-gtk1}<1.0.2nb1 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-34.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-39.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html gzip-base<1.2.4anb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 gzip-base<1.2.4anb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 xine-lib<1.0nb2 remote-code-execution http://xinehq.de/index.php/security/XSA-2004-8 imp<3.2.8 cross-site-scripting http://secunia.com/advisories/15077/ lsh<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826 lsh<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814 ImageMagick<6.2.2 heap-overflow http://www.overflow.pl/adv/imheapoverflow.txt netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/15103/ ethereal<0.10.10nb1 denial-of-service http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-04/0447.html tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 sqwebmail-[0-9]* cross-site-scripting http://secunia.com/advisories/15119/ php-curl<4.3.11 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 horde<2.2.8 cross-site-scripting http://secunia.com/advisories/14730/ netscape7-[0-9]* remote-code-execution http://www.networksecurity.fi/advisories/netscape-dom.html netscape7-[0-9]* authentication-spoofing http://secunia.com/advisories/15267/ p5-Convert-UUlib<1.05 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349 gnutls<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431 kdewebdev<3.3.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt kdewebdev-3.4.0{,nb1} remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt nasm<0.98.39nb1 remote-code-execution https://bugzilla.redhat.com/beta/show_bug.cgi?id=152963 leafnode<1.11.2 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt ethereal<0.10.11 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00019.html ethereal<0.10.11 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00019.html gaim<1.3.0 buffer-overflow http://gaim.sourceforge.net/security/index.php?id=16 gaim<1.3.0 denial-of-service http://gaim.sourceforge.net/security/index.php?id=17 squid<2.5.9nb11 domain-name-spoofing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html tiff<3.7.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544 bugzilla<2.18.1 information-leak http://www.bugzilla.org/security/2.16.8/ libexif<0.6.12nb1 denial-of-service http://secunia.com/advisories/15259/ maradns<1.0.27 weak-rng-source http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch p5-Net-SSLeay<1.25 file-permissions http://secunia.com/advisories/15207/ evolution<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 postgresql-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql73-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql74-server<7.4.8 privilege-escalation http://www.postgresql.org/about/news.322 postgresql80-server<8.0.3 privilege-escalation http://www.postgresql.org/about/news.322 freeradius<=1.0.2nb1 remote-code-execution http://www.securityfocus.com/bid/13540/ freeradius<=1.0.2nb1 buffer-overflow http://www.securityfocus.com/bid/13541/ mysql-server-4.1.{[0-9],10,11}{,nb*} sql-injection http://secunia.com/advisories/15369/ ImageMagick<6.2.2.3 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-200505-16.xml netscape7-[0-9]* cross-site-scripting http://secunia.com/advisories/15437/ gxine<0.4.5 remote-code-execution http://secunia.com/advisories/15451/ net-snmp<5.1.2nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 net-snmp-5.2.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 gedit<2.10.3 remote-code-execution http://secunia.com/advisories/15454/ squid<2.5.9nb2 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345 qpopper<4.0.6 privilege-escalation http://secunia.com/advisories/15475/ bzip2<1.0.3 denial-of-service http://scary.beasts.org/security/CESA-2005-002.txt openslp<1.2.1 remote-code-execution http://www.securityfocus.com/advisories/8224 mhonarc<2.6.11 cross-site-scripting https://savannah.nongnu.org/bugs/index.php?func=detailitem&item_id=12930 clamav<0.84 osx-privilege-escalation http://www.sentinelchicken.com/advisories/clamav/ ettercap-0.7.2 remote-code-execution http://secunia.com/advisories/15535/ qmail<=1.03 64bit-remote-code-execution http://secunia.com/advisories/15533/ gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 binutils<2.16.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704 kdbg<1.2.9 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0644 mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 http-frame-spoof http://secunia.com/advisories/15601/ mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 dialog-spoofing http://secunia.com/advisories/15489/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 http-frame-spoof http://secunia.com/advisories/15601/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 dialog-spoofing http://secunia.com/advisories/15489/ leafnode<1.11.3 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt xmysqladmin-[0-9]* remote-shell http://www.zataz.net/adviso/xmysqladmin-05292005.txt dbus<0.23.1 local-session-hijacking http://secunia.com/advisories/14119/ gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=18 gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=19 libextractor<0.3.11nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 libextractor<0.4.2 remote-code-execution http://secunia.com/advisories/15651/ tcpdump<3.8.3nb2 denial-of-service http://secunia.com/advisories/15634/ mikmod<3.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427 postfix<2.1.5nb5 linux-unauthorised-mail-relaying http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337 squirrelmail<1.4.4nb1 remote-code-execution http://www.squirrelmail.org/security/issue/2005-06-15 opera<8.01 cross-site-scripting http://secunia.com/advisories/15423/ opera<8.01 remote-security-bypass http://secunia.com/secunia_research/2005-4/advisory/ opera<8.01 cross-site-scripting http://secunia.com/secunia_research/2005-5/advisory/ opera<8.01 dialog-spoofing http://secunia.com/advisories/15488/ sun-{jdk,jre}15<5.0.2 remote-user-access http://secunia.com/advisories/15671/ acroread7<7.0.1 remote-information-exposure http://www.adobe.com/support/techdocs/331710.html acroread7<7.0.1 buffer-overflow http://www.adobe.com/support/techdocs/321644.html p5-razor-agents<2.72 denial-of-service http://secunia.com/advisories/15739/ spamassassin<3.0.4 denial-of-service http://secunia.com/advisories/15704/ heimdal<0.6.5 buffer-overflow http://www.pdc.kth.se/heimdal/advisory/2005-06-20/ trac<0.8.4 remote-code-execution http://secunia.com/advisories/15752/ sudo<1.6.8pl9 privilege-escalation http://www.courtesan.com/sudo/alerts/path_race.html gcpio<2.6nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 gcpio<2.6nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229 tor<0.0.9.10 information-leak http://archives.seul.org/or/announce/Jun-2005/msg00001.html ruby18-base<1.8.2nb2 remote-security-bypass http://secunia.com/advisories/15767/ ruby1{6,8}-xmlrpc4r<1.7.16nb2 remote-security-bypass http://secunia.com/advisories/15767/ asterisk<1.0.8 remote-code-execution http://www.bindshell.net/voip/advisory-05-013.txt p5-CGI<2.94 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* access-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 realplayer-[0-9]* remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ RealPlayerGold<10.0.5 remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ clamav<0.86.1 denial-of-service http://secunia.com/advisories/15811/ clamav<0.86 denial-of-service http://secunia.com/advisories/15835/ clamav<0.86 denial-of-service http://secunia.com/advisories/15859/ dillo<0.8.5 remote-code-execution http://www.dillo.org/ChangeLog.html p5-Net-Server<0.88 denial-of-service http://www.derkeiler.com/Mailing-Lists/Securiteam/2005-04/0147.html zlib<1.2.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 net-snmp<5.2.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177 bugzilla<2.18.2 information-leak http://www.bugzilla.org/security/2.18.1/ unalz<0.40 buffer-overflow http://www.kipple.pe.kr/win/unalz/ mit-krb5<1.4.2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt mit-krb5<1.4.2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt squirrelmail<1.4.5 remote-file-write http://www.squirrelmail.org/security/issue/2005-07-13 polsms<2.0.2 privilege-escalation http://secunia.com/advisories/16038/ elmo<1.3.2 local-file-write http://secunia.com/advisories/15977/ audit-packages<1.35 no-vulnerability-but-missing-file-format-check-support http://mail-index.netbsd.org/pkgsrc-changes/2005/06/07/0036.html centericq<=4.20.0 local-file-write http://secunia.com/advisories/15913/ phppgadmin<3.5.4 remote-information-exposure http://secunia.com/advisories/15941/ cups<1.1.21rc1 acl-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 cross-site-scripting http://secunia.com/advisories/15549/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 multiple-vulnerabilities http://secunia.com/advisories/16043/ ekg<1.6nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916 ekg<1.6nb2 insecure-temp-files http://www.debian.org/security/2005/dsa-760 ekg<1.6nb2 shell-command-injection http://www.debian.org/security/2005/dsa-760 kdebase-3.[2-3].[0-9]{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt kdebase-3.4.0{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt php<4.3.11nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php<4.3.11nb1 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html fetchmail<6.2.5nb5 remote-user-shell http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt kdenetwork-3.3.* remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt kdenetwork-3.4.{0,0nb*,1} remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt rsnapshot<1.1.7 privilege-escalation http://www.rsnapshot.org/security/2005/001.html zlib<1.2.3 denial-of-service http://secunia.com/advisories/16137/ clamav<0.86.2 denial-of-service http://secunia.com/advisories/16180/ clamav<0.86.2 buffer-overflow http://secunia.com/advisories/16180/ vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<6.3.082 local-code-execution http://secunia.com/advisories/16206/ vim<6.3.082 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368 ethereal<0.10.12 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00020.html ethereal<0.10.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00020.html p5-Compress-Zlib<1.35 denial-of-service http://secunia.com/advisories/16137/ unzip<5.52nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 rsync<2.6.6 null-pointer-bug http://lists.samba.org/archive/rsync-announce/2005/000032.html msf<2.4nb2 remote-security-bypass http://secunia.com/advisories/16318/ proftpd<1.2.10nb4 format-string http://secunia.com/advisories/16181/ jabberd-2.0s[2-8]{,nb*} buffer-overflows http://secunia.com/advisories/16291/ gopher<3.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853 gaim<1.4.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370 kadu<0.4.1 denial-of-service http://secunia.com/advisories/16238/ opera<8.02 dialog-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405 opera<8.02 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 netpbm<10.28 local-code-execution http://secunia.com/advisories/16184/ acroread5<5.0.11 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 acroread5<5.0.11 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 apache-2.0.[0-4][0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.5[0-3]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.54{,nb[12]} cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 awstats<6.4nb1 remote-command-execution http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities inkscape<0.42 insecure-temp-files http://secunia.com/advisories/16343/ mysql-server<4.0.25 local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server<4.0.25 buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html xpdf<3.00pl3nb1 denial-of-service http://secunia.com/advisories/16374/ kdegraphics-3.3.[0-9]{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.0{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.1 denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt gaim<1.4.0nb2 denial-of-service http://secunia.com/advisories/16379/ gaim<1.4.0nb2 remote-command-execution http://secunia.com/advisories/16379/ cups<1.1.23nb3 denial-of-service http://secunia.com/advisories/16380/ wine>20000000<20050524nb1 insecure-temp-files http://secunia.com/advisories/16352/ wine-20050725 insecure-temp-files http://secunia.com/advisories/16352/ xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1725 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1726 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0665 kdeedu-3.[0-3].* privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt kdeedu-3.4.{0*,1,2} privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass http://www.mozilla.org/security/announce/mfsa2005-46.html netscape7-7.2{,nb*} cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16185/ netscape7-7.2{,nb*} arbitrary-code-execution http://secunia.com/advisories/16044/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16044/ netscape7-7.2{,nb*} local-security-bypass http://secunia.com/advisories/16044/ netscape8<8.0.3.3 local-security-bypass http://secunia.com/advisories/16044/ centericq<4.20.0nb2 denial-of-service http://secunia.com/advisories/16240/ centericq<4.20.0nb2 shell-command-injection http://secunia.com/advisories/16240/ evolution<2.2.2nb2 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html evolution-2.2.3 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html gpdf-2.10.0 denial-of-service http://secunia.com/advisories/16400/ mantis<0.19.2 cross-site-scripting http://secunia.com/advisories/16506/ mantis<0.19.2 sql-injection http://secunia.com/advisories/16506/ elm<2.5.8 remote-user-shell http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0692.html pcre<6.2 arbitrary-code-execution http://secunia.com/advisories/16502/ mplayer<1.0rc7nb2 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt gmplayer<1.0rc7nb1 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt tor<0.1.0.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643 cvs<1.11.20nb2 local-privilege-escalation http://secunia.com/advisories/16553/ apache-2.0.[1-4][0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.5[0-3]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.54{,nb[123]} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 pam-ldap-169{,nb*} authentication-bypass http://secunia.com/advisories/16518/ pam-ldap-17[0-9]{,nb*} authentication-bypass http://secunia.com/advisories/16518/ gnats<4.1.0nb1 local-file-write http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180 apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.5[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.54{,nb[123]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 phpmyadmin<2.6.4rc1 cross-site-scripting http://secunia.com/advisories/16605/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16539/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16600/ ntp<4.2.0nb7 listener-permissions http://secunia.com/advisories/16602/ phpldapadmin<0.9.6cnb4 authentication-bypass http://secunia.com/advisories/16611/ gopher<3.0.11 buffer-overflow http://secunia.com/advisories/16614/ phpldapadmin<0.9.6cnb4 remote-code-execution http://secunia.com/advisories/16617/ php-5.0.[0-3]{,nb*} remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.[0-3]{,nb*} remote-command-execution http://www.hardened-php.net/advisory_142005.66.html php-5.0.4 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.4 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html gnumeric<1.2.13nb3 arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.[0-2]{,nb*} arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.3 arbitrary-code-execution http://secunia.com/advisories/16584/ apache-2.0.[1-4][0-9]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.5[0-3]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.54{,nb[1234]} weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 ap-ssl<2.8.24 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 nikto<1.35nb1 cross-site-scripting http://secunia.com/advisories/16669/ kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.[01]{,nb*} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.2{,nb1} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794 squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796 gg2<2.2.8 denial-of-service http://secunia.com/advisories/16241/ gg2<2.2.8 remote-command-execution http://secunia.com/advisories/16241/ openttd<0.4.0.1nb1 denial-of-service http://secunia.com/advisories/16696/ openttd<0.4.0.1nb1 remote-command-execution http://secunia.com/advisories/16696/ freeradius<1.0.5 sql-injection http://www.freeradius.org/security.html freeradius<1.0.5 denial-of-service http://www.freeradius.org/security.html gcvs<1.0nb2 local-privilege-escalation http://secunia.com/advisories/16553/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ sqwebmail<5.0.4nb2 cross-site-scripting http://secunia.com/advisories/16704/ silc-server<1.0nb1 local-privilege-escalation http://secunia.com/advisories/16659/ chmlib<0.36 remote-command-execution http://morte.jedrea.com/~jedwin/projects/chmlib/ chmlib<0.36 buffer-overflow http://morte.jedrea.com/~jedwin/projects/chmlib/ snort<2.4.0nb1 denial-of-service http://marc.theaimsgroup.com/?l=vuln-dev&m=112655297606335&w=2 xchat<2.4.5 unspecified http://www.xchat.org/ imake>=3<4.4.0nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc xorg-imake<6.8.2nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc clamav<0.87 buffer-overflow http://secunia.com/advisories/16848/ clamav<0.87 denial-of-service http://secunia.com/advisories/16848/ gtexinfo<4.8nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 rdiff-backup<1.0.1 information-disclosure http://secunia.com/advisories/16774/ arc<5.21enb2 insecure-temp-files http://www.zataz.net/adviso/arc-09052005.txt zebedee<2.5.3 denial-of-service http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055 openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798 python24<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python24-pth<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python23<2.3.5nb3 buffer-overflow http://secunia.com/advisories/16793/ python23-pth<2.3.5nb1 buffer-overflow http://secunia.com/advisories/16793/ python23-nth<2.3.5nb2 buffer-overflow http://secunia.com/advisories/16793/ python22<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ python22-pth<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ xorg-libs<6.8.2nb2 buffer-overflow http://secunia.com/advisories/16790/ XFree86-libs<4.4.0nb4 buffer-overflow http://secunia.com/advisories/16777/ mit-krb5<1.8.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 pam-ldap<180 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 nss_ldap<240 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 opera<8.50 cross-site-scripting http://secunia.com/advisories/16645/ opera<8.50 file-spoofing http://secunia.com/advisories/16645/ bacula<1.36.3nb1 insecure-temp-files http://secunia.com/advisories/16866/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.frsirt.com/english/advisories/2005/1794 ruby16-base<1.6.8nb2 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html ruby18-base<1.8.2nb4 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html hylafax<4.2.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069 hylafax<4.2.1nb1 insecure-socket http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070 p7zip<4.27 remote-code-execution http://secunia.com/advisories/16664/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa200 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-58.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-58.html #poppassd-4.[0-9]* local-privilege-escalation http://secunia.com/advisories/16935/ abiword<2.2.10 buffer-overflow http://www.abisource.com/changelogs/2.2.10.phtml eric3<3.7.2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068 {ap-,}php<4.4.0nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 uim<0.4.9.1 privilege-escalation http://lists.freedesktop.org/archives/uim/2005-September/001346.html netscape7-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/16944/ thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities http://www.mozilla.org/security/announce/mfsa2005-58.html thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html squid<2.5.10nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917 mpeg_encode<1.5bnb3 privilege-escalation http://secunia.com/advisories/17008/ weex<2.6.1nb1 local-code-execution http://secunia.com/advisories/17028/ apachetop<0.12.5nb1 insecure-temp-files http://www.zataz.net/adviso/apachetop-09022005.txt blender<2.37anb2 local-code-execution http://secunia.com/advisories/17013/ blender-2.41 local-code-execution http://secunia.com/advisories/17013/ bugzilla<2.18.4 information-leak http://www.bugzilla.org/security/2.18.4/ imap-uw<2004enb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 openssl<0.9.7h information-leak http://www.openssl.org/news/secadv_20051011.txt koffice<1.4.2 local-code-execution http://www.kde.org/info/security/advisory-20051011-1.txt phpmyadmin<2.6.4pl2 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4 xine-lib<1.0.3 remote-users-shell http://xinehq.de/index.php/security/XSA-2005-1 unrar<3.5.4 remote-code-execution http://www.rarlabs.com/rarnew.htm curl<7.15.0 remote-code-execution http://curl.haxx.se/mail/lib-2005-10/0061.html wget-1.10 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html wget-1.10.1 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html abiword<2.4.1 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-006.txt clamav<0.87.1 denial-of-service http://secunia.com/advisories/17184/ clamav<0.87.1 denial-of-service http://secunia.com/advisories/17434/ clamav<0.87.1 remote-code-execution http://www.zerodayinitiative.com/advisories/ZDI-05-002.html lynx<2.8.5.3 remote-users-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 snort-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-mysql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-pgsql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ graphviz<2.6 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965 squid<2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258 ethereal<0.10.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00021.html sudo<1.6.8pl9nb1 privilege-escalation http://www.debian.org/security/2005/dsa-870 chmlib<0.37.3 remote-code-execution http://66.93.236.84/~jedwin/projects/chmlib/ mantis<1.0.0rc3 sql-injection http://secunia.com/advisories/16818/ phpmyadmin<2.6.4pl3 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5 netpbm<10.25 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 xli<1.17.0nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wget<1.10 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 wget<1.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488 wget-1.9{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 wget-1.9.1{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.77.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.77.html openvpn<2.0.3 denial-of-service http://secunia.com/advisories/17376/ openvpn<2.0.3 remote-code-execution http://secunia.com/advisories/17376/ ethereal<0.10.13nb1 denial-of-service http://secunia.com/advisories/17370/ chmlib<0.36 remote-code-execution http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true fetchmailconf<6.2.5nb3 insecure-file-permissions http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt skype<1.2.0.18 remote-code-execution http://secunia.com/advisories/17305/ python21<2.1.3nb8 remote-code-execution http://secunia.com/advisories/16914/ python21-pth<2.1.3nb7 remote-code-execution http://secunia.com/advisories/16914/ rsaref<2.0p3 buffer-overrun http://www.cert.org/advisories/CA-1999-15.html libgda<1.2.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958 libwww<5.4.0nb4 denial-of-service http://secunia.com/advisories/17119/ zope-2.6.[0-9]* remote-code-execution http://secunia.com/advisories/17173/ openvmps<=1.3 remote-code-execution http://www.security.nnov.ru/Jdocument889.html libungif<4.1.3nb3 denial-of-service http://secunia.com/advisories/17436/ libungif<4.1.3nb3 remote-code-execution http://secunia.com/advisories/17436/ {ns,moz-bin,firefox-bin}-flash<7.0.25 remote-code-execution http://secunia.com/advisories/17430/ sudo<1.6.8pl9nb2 privilege-escalation http://www.sudo.ws/sudo/alerts/perl_env.html emacs-21.2.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232 sylpheed<2.0.4 local-code-execution http://secunia.com/advisories/17492/ spamassassin<3.0.4nb2 denial-of-service http://secunia.com/advisories/17386/ sylpheed-2.1.[0-5]* local-code-execution http://secunia.com/advisories/17492/ phpmyadmin<2.6.4pl4 http-header-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6 opera<8.51 remote-user-shell http://secunia.com/advisories/16907/ opera<8.51 remote-user-shell http://secunia.com/advisories/17437/ ipsec-tools<0.6.3 denial-of-service http://secunia.com/advisories/17668/ horde-3.0.[0-6]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759 horde<2.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570 micq<0.4.10.4 denial-of-service http://www.micq.org/news.shtml.en gtk2+<2.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+-2.8.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+<2.6.10nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gdk-pixbuf<0.22.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 acid-[0-9]* cross-site-scripting http://secunia.com/advisories/17552/ acid-[0-9]* sql-injection http://secunia.com/advisories/17552/ thttpd<2.25bnb4 insecure-temp-files http://secunia.com/advisories/17454/ rar-linux<3.5.1 format-string-bug http://secunia.com/advisories/17524/ rar-linux<3.5.1 buffer-overflow http://secunia.com/advisories/17524/ gaim-encryption<2.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693 mailman<2.1.6nb1 denial-of-service http://secunia.com/advisories/17511/ ghostscript-afpl<8.51nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp-nox11<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu-nox11<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-nox11<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ suse{,32}_gtk2<9.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 sun-{jre,jdk}13<1.0.16 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}14<2.9 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}15<5.0.4 local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 fastjar<0.93nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 inkscape-0.4[1-2]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737 webmin<1.170nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 webmin<1.170nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 unalz<0.53 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862 kadu<0.4.2 denial-of-service http://secunia.com/advisories/17764/ centericq<4.20.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 centericq-4.21.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 xpdf<3.01pl1nb2 buffer-overflow http://secunia.com/advisories/17897/ kdegraphics<3.4.2nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt kdegraphics-3.4.3 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice<1.4.1nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice-1.4.2{,nb1} buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt Ffmpeg<0.4.9pre1 buffer-overflow http://secunia.com/advisories/17892/ horde<3.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080 phpmyadmin<2.7.0 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8 phpmyadmin<2.7.0pl1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9 curl<7.15.1 unknown http://www.hardened-php.net/advisory_242005.109.html php<4.4.1 cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php-5.0.[0-5]{,nb1} cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php<4.4.1 global-variables http://www.hardened-php.net/advisory_192005.78.html php-5.0.[0-5]{,nb1} global-variables http://www.hardened-php.net/advisory_192005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]{,nb1} remote-code-execution http://www.hardened-php.net/advisory_202005.79.html ethereal<0.10.13nb2 remote-code-execution http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities mplayer<1.0rc7nb6 buffer-overflow http://secunia.com/advisories/17892/ gmplayer<1.0rc7nb4 buffer-overflow http://secunia.com/advisories/17892/ mencoder<1.0rc7nb2 buffer-overflow http://secunia.com/advisories/17892/ gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 dropbear<0.46nb1 arbitrary-code-execution http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html mantis<1.0.0rc4 cross-site-scripting http://secunia.com/advisories/18181/ horde-3.0.[0-7]* cross-site-scripting http://secunia.com/advisories/17970/ turba<2.0.5 cross-site-scripting http://secunia.com/advisories/17968/ apache-2.0.[1-4][0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.5[0-4]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.55{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache<1.3.34nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 cups<1.1.23nb4 arbitrary-code-execution http://secunia.com/advisories/17976/ opera<8.02 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407 opera<8.51 denial-of-service http://secunia.com/advisories/17963/ libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 trac<0.9.2 sql-injection http://projects.edgewall.com/trac/wiki/ChangeLog perl<5.8.7nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 sun-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}14-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}15-* denial-of-service http://secunia.com/advisories/17478/ blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba blackdown-{jre,jdk}13-* privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 blackdown-{jre,jdk}13-* local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ fetchmail<6.2.5.5 denial-of-service http://fetchmail.berlios.de/fetchmail-SA-2005-03.txt realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 bugzilla<2.20 insecure-temp-files http://secunia.com/advisories/18218/ scponly<4.0 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml scponly<4.2 privilege-escalation http://www.sublimation.org/scponly/ scponly<4.2 arbitrary-command-execution http://www.sublimation.org/scponly/ ethereal<0.10.14 denial-of-service http://secunia.com/advisories/18229/ kdegraphics<3.5.0nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt koffice<1.4.2nb4 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt openmotif<2.2.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964 mantis<1.0.0rc4nb2 sql-injection http://secunia.com/advisories/18254/ mantis<1.0.0rc4nb2 information-disclosure http://secunia.com/advisories/18254/ adodb<4.70 sql-injection http://secunia.com/advisories/17418/ adodb<4.70 information-disclosure http://secunia.com/advisories/17418/ poppler<0.4.4 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-003.txt ytalk<3.2.0 denial-of-service http://www.impul.se/ytalk/ChangeLog trac<0.9.3 cross-site-scripting http://secunia.com/advisories/18048/ blender<2.37nb3 denial-of-service http://secunia.com/advisories/18176/ blender>=2.38<2.40 denial-of-service http://secunia.com/advisories/18176/ gcpio<2.6nb2 denial-of-service http://secunia.com/advisories/18251/ gcpio<2.6nb2 arbitrary-code-execution http://secunia.com/advisories/18251/ rxvt-unicode<6.3 local-privilege-escalation http://secunia.com/advisories/18301/ pine<4.64 buffer-overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=313 clamav<0.88 heap-overflow http://secunia.com/advisories/18379/ bitlbee<1.0 denial-of-service http://get.bitlbee.org/devel/CHANGES hylafax-4.2.3{,nb*} privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[0-3]{,nb*} local-privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[2-3]{,nb*} local-command-execution http://secunia.com/advisories/18314/ ap-auth-ldap<1.6.1 arbitrary-code-execution http://secunia.com/advisories/18382/ sudo<1.6.8pl12nb1 privilege-escalation http://secunia.com/advisories/18358/ wine>20000000<20060000 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 wine<0.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 tor<=0.1.1.12-alpha information-disclosure http://archives.seul.org/or/announce/Jan-2006/msg00001.html mantis<1.0.0rc5 cross-site-scripting http://secunia.com/advisories/18434/ tuxpaint<0.9.14nb6 insecure-temp-file http://secunia.com/advisories/18475/ kdelibs<3.5.0nb2 buffer-overflow http://www.kde.org/info/security/advisory-20060119-1.txt php-5.0.[0-9]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php5-mysqli>=5.1.0<5.1.2 arbitrary-code-execution http://secunia.com/advisories/18431/ php-5.0.[0-9]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ vmware<5.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459 xpdf<3.01pl2 denial-of-service http://secunia.com/advisories/18303/ xpdf<3.01pl2 arbitrary-code-execution http://secunia.com/advisories/18303/ cups<1.1.23nb8 denial-of-service http://secunia.com/advisories/18332/ cups<1.1.23nb8 arbitrary-code-execution http://secunia.com/advisories/18332/ antiword<0.37nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126 sun-{jdk,jre}15<5.0.4 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}14<2.9 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}13<1.0.16 arbitrary-code-execution http://secunia.com/advisories/17748/ mailman-2.1.[4-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153 teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/18329/ apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.5[0-4]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.55{,nb[1234]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 mod-auth-pgsql-[0-9]* format-string http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3656 xine-lib<1.0.3anb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 xine-lib<1.0.3anb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 mydns-{mysql,pgsql}<1.1.0 denial-of-service http://secunia.com/advisories/18532/ adodb<4.71 sql-injection http://secunia.com/advisories/18575/ ImageMagick<6.2.6.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601 ImageMagick<6.2.6.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082 libast<0.6.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224 png-1.2.[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 png-1.0.1[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 p5-Mail-Audit<1.21nb2 privilege-escalation http://secunia.com/advisories/18656/ kdegraphics<3.5.0nb2 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt kdegraphics-3.5.1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt heimdal<0.7.2 privilege-escalation http://www.pdc.kth.se/heimdal/advisory/2006-02-06/ firefox{,-bin,-gtk1}-1.5 remote-code-execution http://www.mozilla.org/security/announce/mfsa2006-04.html libtool-base<1.5.18nb7 insecure-temp-files http://lists.gnu.org/archive/html/libtool/2005-12/msg00076.html php>=5<5.1.0 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 php<4.4.2 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 gnutls<1.2.10 denial-of-service http://secunia.com/advisories/18794/ gnutls-1.3.[0-3]{,nb*} denial-of-service http://secunia.com/advisories/18794/ libtasn1<0.2.18 denial-of-service http://secunia.com/advisories/18794/ sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18760/ sun-{jdk,jre}14<2.10 remote-code-execution http://secunia.com/advisories/18760/ sun-{jdk,jre}13<1.0.17 remote-code-execution http://secunia.com/advisories/18760/ sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18762/ adzap<20060129 denial-of-service http://secunia.com/advisories/18771/ pam-mysql<0.6.2 arbitrary-code-execution http://secunia.com/advisories/18598/ exim<3.36nb6 arbitrary-code-execution http://secunia.com/advisories/16502/ exim>=4.0<4.53 arbitrary-code-execution http://secunia.com/advisories/16502/ noweb<2.9anb3 insecure-temp-files http://secunia.com/advisories/18809/ honeyd<1.0nb2 remote-information-exposure http://www.honeyd.org/adv.2006-01 honeyd>=1.1<1.5 remote-information-exposure http://www.honeyd.org/adv.2006-01 lighttpd<1.4.9 remote-information-exposure http://secunia.com/product/4661/ gnupg<1.4.2.1 verification-bypass http://secunia.com/advisories/18845/ dovecot>0.99.99<1.0beta3 denial-of-service http://secunia.com/advisories/18870/ tin<1.8.1 buffer-overflow ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES opera<8.52 www-address-spoof http://secunia.com/advisories/17571/ bugzilla<2.20.1 sql-injection http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 cross-site-scripting http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 information-exposure http://www.securityfocus.com/archive/1/425584/30/0/threaded postgresql73-server<7.3.14 denial-of-service http://secunia.com/advisories/18890/ postgresql74-server<7.4.12 denial-of-service http://secunia.com/advisories/18890/ postgresql80-server<8.0.7 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 privilege-escalation http://secunia.com/advisories/18890/ bomberclone<0.11.6nb3 remote-code-execution http://secunia.com/advisories/18914/ libextractor<0.5.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624 snort<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-mysql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-pgsql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 monotone<0.25.2 remote-code-execution http://venge.net/monotone/NEWS gnupg<1.4.2.2 incorrect-signature-verification http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html p5-Crypt-CBC<2.17 weak-encryption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898 namazu<2.0.16 directory-traversal http://www.namazu.org/security.html.en#dir-traversal base<1.2.2 sql-injection http://sourceforge.net/forum/forum.php?forum_id=529375 drupal<4.6.6 security-bypass http://drupal.org/files/sa-2006-001/advisory.txt drupal<4.6.6 cross-site-scripting http://drupal.org/files/sa-2006-002/advisory.txt drupal<4.6.6 session-fixation http://drupal.org/files/sa-2006-003/advisory.txt drupal<4.6.6 mail-header-injection http://drupal.org/files/sa-2006-004/advisory.txt horde<3.1 information-disclosure http://secunia.com/advisories/19246/ curl-7.15.[0-2]{,nb*} buffer-overflow http://curl.haxx.se/docs/adv_20060320.html xorg-server>=6.9.0<6.9.0nb7 privilege-escalation http://lists.freedesktop.org/archives/xorg/2006-March/013992.html xorg-server>=6.9.0<6.9.0nb7 denial-of-service http://lists.freedesktop.org/archives/xorg/2006-March/013992.html freeradius<1.1.1 denial-of-service http://secunia.com/advisories/19300/ sendmail>=8.13<8.13.5nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 sendmail<8.12.11nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 phpmyadmin<2.8.0.2 cross-site-scripting http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 horde>=3.0<3.1.1 remote-code-execution http://lists.horde.org/archives/announce/2006/000271.html {ns,moz-bin,firefox-bin}-flash<7.0.63 remote-code-execution http://www.us-cert.gov/cas/techalerts/TA06-075A.html RealPlayerGold<10.0.7 remote-code-execution http://service.real.com/realplayer/security/03162006_player/en/ p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279 p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280 samba<3.0.22 insecure-log-files http://www.samba.org/samba/security/CAN-2006-1059.html dia>=0.87<0.94nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 mantis<1.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577 mysql-server>=3.0<4.1.20 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 mysql-server>=5.0<5.0.20nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 php>=5.0<5.1.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 php<4.4.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php>=5.0<5.1.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php<4.4.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 freeciv-server<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047 lsh<1.4.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh<1.4.3nb4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 clamav<0.88.1 denial-of-service http://secunia.com/advisories/19534/ clamav<0.88.1 remote-code-execution http://secunia.com/advisories/19534/ phpmyadmin<2.8.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1 mailman<2.1.8rc1 cross-site-scripting http://secunia.com/advisories/19558/ mplayer<1.0rc7nb10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 gmplayer<1.0rc7nb6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 mencoder<1.0rc7nb4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 xscreensaver<4.16 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294 xscreensaver<4.16 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 php>=5.0<5.1.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php<4.4.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php>=5.0<5.1.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php<4.4.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html seamonkey{,-bin,-gtk1}<1.0.1 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html phpmyadmin<2.8.0.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 amaya<9.5 remote-code-execution http://secunia.com/advisories/19670/ cy2-digestmd5<2.1.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721 xzgv<0.8.0.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060 xine-ui<0.99.2nb5 remote-code-execution http://secunia.com/advisories/19671/ xine-ui-0.99.4{,nb1} remote-code-execution http://secunia.com/advisories/19671/ ethereal<0.99.0 remote-code-execution http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html trac<0.9.5 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ ja-trac<0.9.5.1 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ i2cbd<2.0_BETA3 denial-of-service http://www.draga.com/~jwise/i2cb/ adodb<4.72 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806 squirrelmail<1.4.6 cross-site-scripting http://secunia.com/advisories/18985/ squirrelmail<1.4.6 imap-injection http://secunia.com/advisories/18985/ unrealircd<3.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214 firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 firefox-bin>=1.5<1.5.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 clamav<0.88.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989 asterisk<1.2.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827 cgiirc<0.5.8 remote-code-execution http://secunia.com/advisories/19922/ miredo<0.8.2 security-bypass http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en xorg-server>=6.8.0<6.9.0nb10 remote-code-execution http://lists.freedesktop.org/archives/xorg/2006-May/015136.html nagios-base<2.3 remote-code-execution https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890 i2cbd<=2.0_BETA4 denial-of-service http://www.draga.com/~jwise/i2cb/ crossfire-server<1.9.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236 dovecot>0.99.99<1.0beta8 remote-file-listing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414 php<4.4.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991 php>=5.1<5.1.4 unknown http://secunia.com/advisories/19927/ phpldapadmin<0.9.8.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518 nagios-base<2.3.1 remote-code-execution http://secunia.com/advisories/20123/ quagga<0.98.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga>0.99<0.99.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 zebra-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga<0.98.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga>0.99<0.99.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 zebra-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga<0.98.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 quagga>0.99<0.99.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 zebra-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120 xine-lib<1.0.3anb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 awstats<6.6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945 awstats<6.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237 quake3arena<1.32c remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3arena<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875 abcmidi<2006-04-22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514 openldap<2.3.22 buffer-overflow http://secunia.com/advisories/20126/ libextractor<0.5.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458 freetype2<2.1.10nb3 remote-code-execution http://secunia.com/advisories/20100/ dia<0.95.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480 cscope<15.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541 binutils<2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362 firefox{,-bin,-gtk1}<1.5.0.5 information-exposure http://secunia.com/advisories/20244/ mozilla{,-bin,-gtk2}-[0-9]* information-exposure http://secunia.com/advisories/20256/ netscape7-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942 netscape7-[0-9]* information-exposure http://secunia.com/advisories/20255/ postgresql73-server<7.3.15 sql-injection http://secunia.com/advisories/20231/ postgresql74-server<7.4.13 sql-injection http://secunia.com/advisories/20231/ postgresql80-server<8.0.8 sql-injection http://secunia.com/advisories/20231/ postgresql81-server<8.1.4 sql-injection http://secunia.com/advisories/20231/ drupal<4.6.7 sql-injection http://drupal.org/files/sa-2006-005/advisory.txt drupal<4.6.7 arbitrary-code-execution http://drupal.org/files/sa-2006-006/advisory.txt mpg123<0.59.18nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-esound<0.59.18nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-nas<0.59.18nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 tor<0.1.1.20 multiple-vulnerabilities http://secunia.com/advisories/20277/ awstats<6.6nb1 security-bypass http://secunia.com/advisories/20164/ drupal-4.7.[0-1]* arbitrary-code-execution http://drupal.org/node/66763 drupal-4.7.[0-1]* cross-site-scripting http://drupal.org/node/66767 drupal<4.6.8 arbitrary-code-execution http://drupal.org/node/66763 drupal<4.6.8 cross-site-scripting http://drupal.org/node/66767 firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-36.html firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html {ja-,}squirrelmail<1.4.6nb3 remote-file-read http://www.squirrelmail.org/security/issue/2006-06-01 snort{,-mysql,-pgsql}<2.4.5 security-bypass http://secunia.com/advisories/20413/ mysql-server>=4.0<4.1.20 sql-injection http://secunia.com/advisories/20365/ mysql-server>=5.0<5.0.22 sql-injection http://secunia.com/advisories/20365/ base<1.2.5 remote-file-read http://secunia.com/advisories/20300/ asterisk<1.2.9.1 denial-of-service http://www.asterisk.org/node/95 spamassassin<3.1.3 arbitrary-code-execution http://secunia.com/advisories/20430/ tiff<3.8.2nb2 arbitrary-code-execution http://secunia.com/advisories/20488/ firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 netscape7-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 courier-mta<0.53.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659 gdm<2.8.0.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 gdm>=2.14<2.14.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 sge<6.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408 sge<6.0.8 security-bypass http://secunia.com/advisories/20518/ 0verkill<0.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971 php<4.4.2 arbitrary-code-execution http://pear.php.net/advisory-20051104.txt pear-5.0.[0-9]* arbitrary-code-execution http://pear.php.net/advisory-20051104.txt kadu<0.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768 irssi<0.8.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458 crossfire-server<1.9.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 crossfire-server<1.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 dropbear<0.48 arbitrary-code-execution http://secunia.com/advisories/18964/ p5-libapreq2<2.07 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999 jabberd>=2<2.0s11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329 unalz<0.55 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950 ap2-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095 zoo<2.10.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269 sylpheed<2.2.6 security-bypass http://secunia.com/advisories/20577/ kiax<0.8.51 remote-code-execution http://secunia.com/advisories/20567/ acroread7<7.0.8 unknown http://www.adobe.com/support/techdocs/327817.html sendmail<8.12.11nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 sendmail>=8.13<8.13.6nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 gd<2.0.33nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906 arts<1.5.1nb2 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt arts>=1.5.2<1.5.3nb1 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt kdebase<3.5.1nb4 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt kdebase>=3.5.2<3.5.3nb1 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt horde>=3.0<3.1.1nb2 cross-site-scripting http://secunia.com/advisories/20661/ mutt<1.4.2.1nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 mutt>=1.5<1.5.11nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 chmlib<0.38 remote-file-write http://secunia.com/advisories/20734/ netpbm<10.34 denial-of-service http://secunia.com/advisories/20729/ gnupg<1.4.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 gnupg-devel<1.9.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 opera<9.0 remote-code-execution http://secunia.com/advisories/20787/ opera<9.0 ssl-cert-spoofing http://secunia.com/secunia_research/2006-49/advisory/ php<4.4.2nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 php>=5.0<5.1.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 emech<3.0.2 denial-of-service http://secunia.com/advisories/20805/ hashcash<1.21 denial-of-service http://secunia.com/advisories/20800/ gftp<2.0.18nb5 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup gftp<2.0.18nb4 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup xine-lib<1.0.3anb10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 php4-curl<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 php5-curl<5.1.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 png<1.2.12 arbitrary-code-execution http://www.securityfocus.com/bid/18698 openoffice2{,-bin}<2.0.3 security-bypass http://www.openoffice.org/security/CVE-2006-2199.html openoffice2{,-bin}<2.0.3 arbitrary-code-execution http://www.openoffice.org/security/CVE-2006-2198.html openoffice2{,-bin}<2.0.3 buffer-overflow http://www.openoffice.org/security/CVE-2006-3117.html geeklog<1.4.0.3nb2 remote-code-execution http://secunia.com/advisories/20886/ webmin<1.290 remote-information-exposure http://secunia.com/advisories/20892/ phpmyadmin<2.8.1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804 phpmyadmin<2.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 samba<3.0.22nb2 denial-of-service http://www.samba.org/samba/security/CAN-2006-3403.html trac<0.9.6 cross-site-scripting http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 cross-site-scripting http://secunia.com/advisories/20958/ trac<0.9.6 remote-information-exposure http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 remote-information-exposure http://secunia.com/advisories/20958/ {ja-,}squirrelmail<1.4.7 remote-information-exposure http://www.securityfocus.com/bid/17005 geeklog<1.4.0.5 cross-site-scripting http://secunia.com/advisories/21094/ hyperestraier>=0.5.0<1.3.3 cross-site-request-forgeries http://secunia.com/advisories/21049/ ruby18-base<1.8.4nb4 security-bypass http://secunia.com/advisories/21009/ gimp>=2<2.2.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 gimp>=2.3.0<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 asterisk<1.2.10 denial-of-service http://secunia.com/advisories/21071/ horde>=3.0<3.1.2 cross-site-scripting http://secunia.com/advisories/20954/ zoo<2.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855 apache-tomcat>=5.5.0<5.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 pngcrush<1.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 ethereal-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627 x11vnc<0.8.2 remote-authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450 wv2<0.2.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 apache<1.3.35 cross-site-scripting http://secunia.com/advisories/21172/ apache>2.0<2.0.58 cross-site-scripting http://secunia.com/advisories/21172/ freeciv-server-2.0.[0-8]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913 libmikmod-3.2.2 arbitrary-code-execution http://secunia.com/advisories/21196/ p5-Net-Server<0.88 denial-of-service http://secunia.com/advisories/21149/ firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html apache<1.3.37 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 apache>2.0<2.0.59 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 postfix>=2.2.0<2.2.11 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/08/01/0000.html postfix>=2.3.0<2.3.1 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/07/25/0002.html gnupg<1.4.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746 suse{,32}_libtiff<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0001.html suse{,32}_freetype2<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server>5.0<5.0.25 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.25 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 mysql-server>5.0<5.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 mysql-server>5.0<5.0.40 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 mysql-server<4.1.22nb1 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 tiff<3.8.2nb3 multiple-vulnerabilities http://secunia.com/advisories/21304/ drupal<4.6.9 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt drupal<4.7.3 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt cfs<1.4.1nb6 denial-of-service http://secunia.com/advisories/21310/ hobbit<4.0b6nb10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003 sge-5.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941 php>4.0<4.4.3 remote-unknown http://secunia.com/advisories/21328/ clamav<0.88.4 remote-code-execution http://secunia.com/advisories/21374/ php>4.0<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 php>5.0<5.1.4nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 lesstif>=0.78<=0.85.3 privilege-escalation http://secunia.com/advisories/21428/ mit-krb5<1.4.2nb3 privilege-escalation http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt heimdal<0.7.2nb3 privilege-escalation http://secunia.com/advisories/21436/ bomberclone<0.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005 bomberclone<0.11.7 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006 {ja-,}squirrelmail<1.4.8 remote-information-exposure http://secunia.com/advisories/21354/ {ja-,}squirrelmail<1.4.8 remote-data-manipulation http://secunia.com/advisories/21354/ ImageMagick<6.2.9.0 arbitrary-code-execution http://secunia.com/advisories/21462/ horde<3.1.3 cross-site-scripting http://secunia.com/advisories/21500/ imp<4.1.3 cross-site-scripting http://secunia.com/advisories/21533/ miredo<0.9.7 denial-of-service http://www.simphalempin.com/dev/miredo/mtfl-sa-0603.shtml.en miredo<0.9.8 unknown http://mail-index.netbsd.org/pkgsrc-changes/2006/08/15/0026.html php<4.4.4 multiple-vulnerabilities http://secunia.com/advisories/21546/ php>5.0<5.1.5 multiple-vulnerabilities http://secunia.com/advisories/21546/ binutils<2.17 arbitrary-code-execution http://secunia.com/advisories/21508/ libwmf<0.2.8.4nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 honeyd<1.5b denial-of-service http://secunia.com/advisories/21591/ XFree86-libs<4.4.0nb8 arbitrary-code-execution http://secunia.com/advisories/21446/ xorg-libs<6.9.0nb7 arbitrary-code-execution http://secunia.com/advisories/21450/ xorg-server<6.9.0nb12 arbitrary-code-execution http://secunia.com/advisories/21450/ libtunepimp<0.4.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 mplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 gmplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 mencoder<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 freetype2<2.2.1nb2 arbitrary-code-execution http://secunia.com/advisories/21450/ wireshark<0.99.3 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ethereal>=0.7.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ImageMagick<6.2.9.1 arbitrary-code-execution http://secunia.com/advisories/21615/ asterisk<1.2.11 remote-code-execution http://secunia.com/advisories/21600/ cscope<15.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262 streamripper<1.61.26 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124 sendmail>8.13<8.13.8 denial-of-service http://secunia.com/advisories/21637/ musicbrainz<2.1.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197 cube-[0-9]* denial-of-service http://aluigi.altervista.org/adv/evilcube-adv.txt cube-[0-9]* remote-code-execution http://aluigi.altervista.org/adv/evilcube-adv.txt zope25-CMFPlone>2.0<2.5 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711 tor<0.1.1.23 denial-of-service http://secunia.com/advisories/21708/ tor<0.1.1.23 bypass-security-restrictions http://secunia.com/advisories/21708/ gtetrinet<0.7.7nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125 openoffice2{,-bin}<2.0.2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 webmin<1.296 cross-site-scripting http://secunia.com/advisories/21690/ webmin<1.296 remote-information-disclosure http://secunia.com/advisories/21690/ gdb>6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 gtar-base<1.15.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 gtar-base<1.15.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 openldap-server<2.3.25 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 openldap<2.3.25 bypass-security-restrictions http://secunia.com/advisories/21721/ mailman<2.1.9rc1 denial-of-service http://secunia.com/advisories/21732/ mailman<2.1.9rc1 cross-site-scripting http://secunia.com/advisories/21732/ sendmail<8.12.11nb4 denial-of-service http://secunia.com/advisories/21637/ bind>9.3<9.3.2nb2 denial-of-service http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en openssl<0.9.7inb2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 xorg-clients<6.9.0nb9 privilege-escalation http://secunia.com/advisories/21650/ xorg-libs<6.9.0nb10 privilege-escalation http://secunia.com/advisories/21650/ xorg-server<6.9.0nb13 privilege-escalation http://secunia.com/advisories/21650/ firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html thunderbird{,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html firefox-bin<1.5.0.7 auto-update-spoof http://www.mozilla.org/security/announce/2006/mfsa2006-58.html firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html thunderbird{,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-62.html thunderbird{,-gtk1}<1.5.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html {firefox-bin,moz-bin,ns}-flash<7.0.68 remote-code-execution http://www.adobe.com/support/security/bulletins/apsb06-11.html XFree86-libs<4.4.0nb9 arbitrary-code-execution http://secunia.com/advisories/21890/ gnutls<1.4.4 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 cabextract<1.2 buffer-overflow http://www.kyz.uklinux.net/cabextract.php openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/ openssl<0.9.7inb3 denial-of-service http://secunia.com/advisories/22130/ opera<9.02 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 opera<9.02 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819 wireshark<0.99.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-01.html wireshark<0.99.2 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2006-01.html phpmyadmin<2.9.0.1 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5 ffmpeg-0.4.* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mono<1.1.13.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072 php-4.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php-5.[01]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php<4.3.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php>5.0<5.1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php<4.4.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 php>5.0<5.1.6nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052 openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 bugzilla<2.22.1 cross-site-scripting http://www.bugzilla.org/security/2.18.5/ bugzilla<2.22.1 information-leakage http://www.bugzilla.org/security/2.18.5/ asterisk<1.2.13 remote-code-execution http://www.asterisk.org/node/109 drupal<4.7.4 cross-site-scripting http://drupal.org/files/sa-2006-024/advisory.txt drupal<4.7.4 cross-site-request-forgeries http://drupal.org/files/sa-2006-025/advisory.txt drupal<4.7.4 html-attribute-injection http://drupal.org/files/sa-2006-026/advisory.txt postgresql73-server<7.3.16 denial-of-service http://www.postgresql.org/about/news.664 postgresql74-server<7.4.14 denial-of-service http://www.postgresql.org/about/news.664 postgresql80-server<8.0.9 denial-of-service http://www.postgresql.org/about/news.664 postgresql81-server<8.1.5 denial-of-service http://www.postgresql.org/about/news.664 poppler<0.5.1 integer-overflow http://secunia.com/advisories/18644/ qt3-libs<3.3.6nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 qt4-libs<4.1.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 sge<6.0.11 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1 milter-greylist-3.0rc[45] denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/10/27/0006.html ingo<1.1.2 procmail-local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449 screen<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 wireshark<0.99.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-03.html mutt<1.4.2.2nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt<1.4.2.2nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 mutt>=1.5.0<1.5.13nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt>=1.5.0<1.5.13nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 ruby18-base<1.8.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 php>=5.0<5.1.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 php>=4.0<4.4.4nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 phpmyadmin<2.9.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6 milter-greylist<3.0rc7 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/11/07/0024.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html thunderbird{,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html libarchive<1.3.1 denial-of-service http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/ trac<0.10.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.3 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac>=0.10.1.1<0.10.2.1 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 png<1.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 suse{,32}_libpng<10.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 proftpd<1.3.0nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 gv<3.6.2nb1 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 gtexinfo<4.8nb6 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 dovecot>0.99.99<1.0rc7nb1 buffer-overflow http://www.dovecot.org/list/dovecot-news/2006-November/000023.html dovecot>=1.0rc8<1.0rc15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973 phpmyadmin<2.9.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7 phpmyadmin<2.9.1.1 information-leakage http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8 phpmyadmin<2.9.1.1 weak-acl-enforcement http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9 fvwm>=2.4<2.4.19nb4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 fvwm>=2.5<2.5.18nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 openldap-client<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 openldap-server<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 gnupg<1.4.5nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg2<2.0.0nb3 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel<1.9.22nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel>=1.9.23 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 gtar-base<1.15.1nb4 overwrite-arbitrary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 libgsf<1.14.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514 tnftpd<20040810nb1 remote-code-execution http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html kdegraphics<=3.5.4 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt kdegraphics>=3.1.0<=3.5.5 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt links{,-gui}<2.1.0.26 remote-command-execution http://secunia.com/advisories/22905/ elinks<0.11.2 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925 kile<1.9.3 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085 evince<0.6.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 {ja-,}squirrelmail<1.4.9a cross-site-scripting http://secunia.com/advisories/23195/ xine-lib<=1.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 gmplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mencoder<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 koffice-1.4.[0-9]* code-execution http://www.kde.org/info/security/advisory-20061205-1.txt koffice-1.6.0 code-execution http://www.kde.org/info/security/advisory-20061205-1.txt fprot-workstation-bin<4.6.7 denial-of-service http://www.securityfocus.com/bid/21420 ruby18-base<1.8.5.20061205 denial-of-service http://www.securityfocus.com/bid/21441 gnupg<1.4.6 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg2<2.0.0nb4 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg-devel-[0-9]* buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html ImageMagick<6.3.0.3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 GraphicsMagick<1.1.7 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 proftpd<1.3.0a remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 wv<1.2.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 net-snmp>=5.3<5.3.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305 kronolith<2.1.4 local-file-inclusion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175 clamav<0.88.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481 mantis<1.0.8 remote-information-disclosure http://secunia.com/advisories/23258/ sylpheed<2.2.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 sylpheed-claws<2.2.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 tor<0.1.1.26 privacy-leak http://archives.seul.org/or/announce/Dec-2006/msg00000.html dbus<0.92nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 dbus>=1.0<1.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 gdm<2.16.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105 {firefox-bin,moz-bin,ns}-flash<7.0.69 inject-http-headers http://www.adobe.com/support/security/bulletins/apsb06-18.html clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182 clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295 libksba<0.9.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111 libmodplug<0.8.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192 firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak http://www.mozilla.org/security/announce/2006/mfsa2006-75.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-76.html thunderbird{,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html thunderbird{,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html pam-ldap<183 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170 mono<1.2.2 source-code-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}15<5.0.7 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 w3m<0.5.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772 miredo<1.0.6 authentication-spoofing http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en fetchmail<6.3.6 password-disclosure http://www.fetchmail.info/fetchmail-SA-2006-02.txt fetchmail-6.3.5* denial-of-service http://www.fetchmail.info/fetchmail-SA-2006-03.txt drupal<4.7.5 cross-site-scripting http://drupal.org/files/sa-2007-001/advisory.txt drupal<4.7.5 denial-of-service http://drupal.org/files/sa-2007-002/advisory.txt bzip2<1.0.4 permissions-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953 gtexinfo-4.8nb6 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/01/08/0037.html opera<8.10 remote-code-execution http://secunia.com/advisories/23613/ acroread7<7.0.9 cross-site-scripting http://www.adobe.com/support/security/advisories/apsa07-01.html vlc<0.8.6a arbitrary-code-execution http://www.videolan.org/sa0701.html modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 mplayer<1.0rc9nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 gmplayer<1.0rc9nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 mencoder<1.0rc9nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 kdenetwork<3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070109-1.txt kdegraphics>=3.2.0<=3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt koffice>=1.2<=1.6.1nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt mit-krb5<1.4.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519321296&w=2 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764&w=2 py{15,20,21,22,23,24,25,26,27,31}-django<0.95.1 privilege-escalation http://secunia.com/advisories/23826/ squid<2.6.7 denial-of-service http://secunia.com/advisories/23767/ rubygems<0.9.0nb2 overwrite-arbitrary-files http://www.frsirt.com/english/advisories/2007/0295 ap-auth-kerb<5.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989 drupal<4.7.6 remote-code-execution http://drupal.org/node/113935 bugzilla<2.22.2 cross-site-scripting http://www.bugzilla.org/security/2.20.3/ wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 samba<3.0.24 denial-of-service http://samba.org/samba/security/CVE-2007-0452.html samba<3.0.24 solaris-buffer-overflow http://samba.org/samba/security/CVE-2007-0453.html samba<3.0.24 vfs-format-string http://samba.org/samba/security/CVE-2007-0454.html kdelibs<3.5.6nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt poppler<0.5.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 php>5<5.2.1 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 php>5<5.2.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 php>5<5.2.1 unspecified-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 snort{,-mysql,-pgsql}<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 clamav<0.90 denial-of-service http://secunia.com/advisories/24187/ spamassassin<3.1.8 denial-of-service http://secunia.com/advisories/24197/ mimedefang>=2.59<=2.60 denial-of-service http://secunia.com/advisories/24133/ mimedefang>=2.59<=2.60 remote-code-execution http://secunia.com/advisories/24133/ libsoup-devel<2.2.99 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876 gd<2.0.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 rar-bin<3.7beta1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 unrar<3.7.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 xine-ui<0.99.4nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254 amarok<1.4.5nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979 snort>=2.6.1<2.6.1.3 remote-code-execution http://www.snort.org/docs/advisory-2007-02-19.html firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html nss<3.11.5 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html thunderbird{,-gtk1}<1.5.0.10 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html php<4.4.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 silc-server<1.0.3 denial-of-service http://silcnet.org/general/news/?item=security_20070306_1 trac<0.10.3.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 ja-trac<0.10.3.1.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 p5-CGI-Session<4.12 sql-injection http://osdir.com/ml/lang.perl.modules.cgi-session.user/2006-04/msg00004.html horde<3.1.4 cross-site-scripting http://lists.horde.org/archives/announce/2007/000315.html horde<3.1.4 arbitrary-file-removal http://lists.horde.org/archives/announce/2007/000315.html libwpd<0.8.9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 phpmyadmin<2.10.0.2 denial-of-service http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 squid<2.6.12 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_1.txt zope29<2.9.4nb4 privilege-escalation http://www.zope.org/Products/Zope/Hotfix-2007-03-20/ openafs<1.4.4 privilege-escalation http://www.openafs.org/security/OPENAFS-SA-2007-001.txt asterisk<1.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 asterisk<1.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 file<4.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 dovecot<1.0rc15nb1 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html dovecot>=1.0rc16<1.0rc29 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html xorg-server<1.2.0nb2 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libXfont<1.2.7nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libX11<1.1.1nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html qt3-libs<3.3.8nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 qt4-libs<4.2.3nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 kdelibs<3.5.6nb3 information-disclosure http://www.kde.org/info/security/advisory-20070326-1.txt openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 freetype2<2.3.2nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 xmms<1.2.10nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653 ipsec-tools<0.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 fetchmail<6.3.8 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869 opera<9.20 cross-site-scripting http://www.opera.com/support/search/view/855/ opera<9.20 unknown-impact http://www.opera.com/support/search/view/858/ bind>=9.4.0<9.4.1 denial-of-service http://www.isc.org/index.pl?/sw/bind/bind-security.php postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql80-server<8.0.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql81-server<8.1.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql82-server<8.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 php4-gd<4.4.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 php5-gd<5.2.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 zziplib<0.10.82nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614 squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 ja-squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 ja-squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 zoo<2.10.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669 php4-mssql<4.4.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 php5-mssql<5.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 samba>=3.0.23d<3.0.24nb2 privilege-elevation http://www.samba.org/samba/security/CVE-2007-2444.html samba>=3.0.0<3.0.24nb2 remote-code-execution http://www.samba.org/samba/security/CVE-2007-2446.html samba>=3.0.0<3.0.24nb2 remote-command-execution http://www.samba.org/samba/security/CVE-2007-2447.html php{4,5}-pear<1.5.4 arbitrary-code-execution http://pear.php.net/advisory-20070507.txt clamav<0.90.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 clamav<0.90.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029 png<1.2.17 denial-of-service http://secunia.com/advisories/25292/ quagga<0.98.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 quagga>0.99<0.99.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 freetype2<2.3.2nb2 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 freetype2>=2.3.3<2.3.4nb1 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 ap2-modsecurity>2<2.1.1 bypass-request-rules http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359 gimp>2.2<2.2.13nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-base<1.2.5nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-2.2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 eggdrop<=1.6.17nb1 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 mutt<1.4.2.3 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 mutt<1.4.2.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 ap{,2}-jk<1.2.23 directory-traversal http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1 ap{,2}-jk>=1.2.19<=1.2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 apache-tomcat<=5.5.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 apache-tomcat<5.5.22 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 jakarta-tomcat4<=4.1.24 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 jakarta-tomcat5<=5.0.19 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}<1.0.9 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html clamav<0.90.3 buffer-overflows http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html apache>=2.2.4<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 php>5.0<5.2.3nb1 integer-overflow http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 denial-of-service http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 filtering-bypass http://www.php.net/ChangeLog-5.php#5.2.3 mplayer<1.0rc9nb7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 gmplayer<1.0rc9nb2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 spamassassin<3.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 spamassassin-3.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 file<4.21 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 mecab-base<0.96 buffer-overflows http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3231 gnupg<1.4.7 signature-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263 openoffice2{,-bin}<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-0245.html openoffice2-bin<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-2754.html ktorrent<2.1.2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1385 vlc>0.8<0.8.5nb6 format-string http://www.videolan.org/sa0702.html vlc<0.7.2nb17 format-string http://www.videolan.org/sa0702.html bitchx<1.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 xvidcore<1.1.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329 evolution-data-server<1.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257 proftpd<1.3.1rc2nb1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165 apache<1.3.37nb2 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache<1.3.37nb2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.0<2.0.59nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.0<2.0.59nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1863 apache>=2.2.0<2.2.4nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1863 flac123<0.0.10 arbitrary-code-execution http://www.isecpartners.com/advisories/2007-002-flactools.txt phpmyadmin<2.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2 phpmyadmin<2.9.2 http-response-splitting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1 phpmyadmin<2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4 p5-Net-DNS<0.60 domain-name-spoofing http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377 p5-Net-DNS<0.60 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409 gimp>2.2<2.2.15nb2 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp-base<1.2.5nb6 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp>2.3<2.3.18nb1 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ libarchive<1.3.1nb1 infinite-loop http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 null-dereference http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 arbitrary-code-execution http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc clamav<0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725 centericq<4.21.0nb5 arbitrary-code-execution http://www.leidecker.info/advisories/07-06-07_centericq_bof.txt ipcalc<0.41 cross-site-scripting http://jodies.de/ipcalc-archive/ipcalc-0.40/ipcalc-security.html lighttpd<1.4.14 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt lighttpd<1.4.15 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_03.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_04.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_05.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_06.txt lighttpd<1.4.16 privacy-leak http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_08.txt firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}<1.5.0.13 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html drupal>=5<5.2 cross-site-request-forgeries http://drupal.org/node/162360 drupal>=5<5.2 cross-site-scripting http://drupal.org/node/162361 bind>9.4.0<9.4.1pl1 weak-default-acls http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}<1.5.0.13 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html firefox{,-bin,-gtk1}<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html seamonkey{,-bin,-gtk1}<1.1.4 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html acroread-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread5-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gaim-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wmmail-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mozilla-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>5.0<5.2.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 php<4.4.7nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 qt3-libs<3.3.8nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 tcpdump<3.9.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 ethereal-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kdegraphics<3.5.7nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt koffice<1.6.3nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt py{15,20,21,22,23,24,25,26,27,31}-denyhosts<2.6nb1 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323 squidGuard<1.2.1 acl-bypass http://www.squidguard.org/Doc/sg-2007-04-15.html rsync<2.6.9nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 opera<9.23 arbitrary-code-execution http://www.opera.com/support/search/view/865/ links{,-gui}-2.1.0.29* remote-command-execution http://links.twibright.com/download/ChangeLog kdelibs<3.5.7nb1 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt kdebase<3.5.7nb2 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt xfce4-terminal<0.2.6nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 apache>=2.0<2.0.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 apache>=2.2.0<2.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 lighttpd<1.4.18 remote-code-execution http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt bind>8<8.4.7pl1 cryptographically-weak-query-ids http://www.kb.cert.org/vuls/id/927905 bind>8<8.9.9 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt3-libs<3.3.8nb5 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 qt4-libs<4.3.2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 bugzilla>3<3.0.2 unauthorised-account-creation http://www.bugzilla.org/security/3.0.1/ kdebase>=3.3.0<3.5.7nb4 local-root-shell http://www.kde.org/info/security/advisory-20070919-1.txt ImageMagick<6.3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 fetchmail<6.3.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565 libXfont-1.3.1 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/09/24/0008.html ruby18-base<1.8.6.110nb1 access-validation-bypass http://www.isecpartners.com/advisories/2007-006-rubyssl.txt libpurple<2.2.1 denial-of-service http://www.pidgin.im/news/security/?id=23 openoffice2<2.2.1nb3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2<2.2.1nb3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openttd<0.5.3 remote-code-execution http://www.tt-forums.net/viewtopic.php?f=29&t=34077 xentools{3,30}-hvm<=3.1.0 remote-code-execution http://secunia.com/advisories/26986/ dircproxy<1.2.0beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 spamassassin<3.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 gnucash<2.0.5 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007 chmlib<0.39 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619 GConf2<2.16.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698 drupal<5.3 arbitrary-code-execution http://drupal.org/node/184315 drupal<5.3 cross-site-scripting http://drupal.org/node/184320 drupal<5.3 cross-site-request-forgery http://drupal.org/node/184348 drupal<5.3 access-bypass http://drupal.org/node/184354 drupal<5.3 http-response-splitting http://drupal.org/node/184315 firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html openssl<0.9.7inb5 arbitrary-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 p5-XML-RSS<1.31 markup-injection-vulnerability http://search.cpan.org/src/ABH/XML-RSS-1.31/Changes mantis<1.0.8 cross-site-scripting http://www.mantisbt.org/changelog.php mantis<1.0.8 security-bypass http://www.mantisbt.org/changelog.php cups<1.2.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 libpurple<2.2.2 denial-of-service http://www.pidgin.im/news/security/?id=24 perl<5.8.8nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 mono<1.1.13.8.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197 phpmyadmin<2.11.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7 koffice<1.6.3nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics<3.5.7nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics-3.5.8 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 openldap-server<2.3.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 flac<1.2.1 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 ircservices<5.0.63 denial-of-service http://lists.ircservices.za.net/pipermail/ircservices/2007/005558.html poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} wireshark<0.99.7pre2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2007-03.html php>=5<5.2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 net-snmp<5.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846 base<1.3.9 cross-site-scripting http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=555614 firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html wesnoth<1.2.8 arbitrary-code-execution http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 micq-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ikiwiki<2.13 remote-file-view http://ikiwiki.info/security/#index29h2 cairo<1.4.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html squid<2.6.17 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_2.txt drupal<5.4 sql-injection http://drupal.org/node/198162 ruby18-actionpack<1.13.6 www-session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 samba<3.0.26anb3 remote-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 openoffice2<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html openoffice2-bin<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html mysql-server>5.0<5.0.51 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 ruby18-gnome2-gtk<0.16.0nb2 format-string http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183 exiftags<1.01 arbitrary-code-execution http://secunia.com/advisories/28110/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1 denial-of-service http://www.djangoproject.com/weblog/2007/oct/26/security-fix/ cups<1.3.5 remote-code-execution http://www.cups.org/str.php?L2589 cups<1.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} clamav<0.92 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759 dovecot>=1.0.rc11<1.0.9nb1 unauthorized-access http://www.dovecot.org/list/dovecot-news/2007-December/000057.html opera<9.25 cross-site-scripting http://www.opera.com/support/search/view/875/ php<4.4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378 php<4.4.8 denial-of-service http://www.php-security.org/MOPB/MOPB-03-2007.html libsndfile<1.0.17nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 horde<3.1.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 turba<2.1.6 privilege-escalation http://lists.horde.org/archives/announce/2008/000361.html kronolith<2.1.7 privilege-escalation http://lists.horde.org/archives/announce/2008/000362.html drupal<5.6 cross-site-request-forgery http://drupal.org/node/208562 drupal<5.6 cross-site-scripting http://drupal.org/node/208564 drupal<5.6 cross-site-scripting http://drupal.org/node/208565 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 apache>=2.2.0<2.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 libXfont<1.3.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 modular-xorg-server<1.3.0nb5 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 modular-xorg-server<1.3.0nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 mplayer<1.0rc10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} mencoder<1.0rc10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} gmplayer<1.0rc10nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} xine-lib<1.1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html SDL_image<1.2.6nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544 SDL_image<1.2.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 RealPlayerGold<10.0.9 buffer-overflow http://service.real.com/realplayer/security/10252007_player/en/ thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow http://www.mozilla.org/security/announce/2008/mfsa2008-12.html pcre<7.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 blender<2.43 local-command-inject http://secunia.com/advisories/24232/ evolution<2.8.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266 sylpheed<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 sylpheed-claws<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 mutt<1.5.14 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268 GNUMail<1.1.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269 courier-imap<4.0.7 remote-root-shell http://www.gentoo.org/security/en/glsa/glsa-200704-18.xml wireshark<0.99.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-01.html vlc<=0.8.6dnb1 remote-user-shell http://secunia.com/advisories/29122/ xine-lib<1.1.10.1 remote-user-shell http://secunia.com/advisories/28801/ mono<1.2.5.1 buffer-overflow http://secunia.com/advisories/27493/ mono<1.2.6 cross-site-scripting http://secunia.com/advisories/27349/ mono<1.2.6 buffer-overflow http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5197 phpmyadmin<2.11.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-8 phpmyadmin<2.11.5 remote-sql-inject http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 viewvc<1.0.5 security-bypass http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-01.html thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-03.html thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal http://www.mozilla.org/security/announce/2008/mfsa2008-05.html ghostscript>7<=8.61 buffer-overflow http://scary.beasts.org/security/CESA-2008-001.html audacity<1.2.6nb1 symlink-attack http://www.gentoo.org/security/en/glsa/glsa-200803-03.xml dbus<1.0.2nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 acroread{,5,7}-[0-9]* remote-user-shell http://www.securityfocus.com/bid/22753 acroread{,5,7}-[0-9]* remote-stack-smash http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663 acroread{,5,7}-[0-9]* remote-user-shell http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 acroread{,5,7}-[0-9]* multiple-unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655 acroread{,5,7}-[0-9]* remote-printing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726 opera<9.26 remote-disclosure-of-information http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1080 opera<9.26 remote-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1081 opera<9.26 security-bypass http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1082 turba<2.1.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807 kdepim<3.5.7 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265 lighttpd<1.4.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 cups<1.3.6 denial-of-service http://www.cups.org/str.php?L2656 acroread{,5,7}-[0-9]* temporary-files-race http://support.novell.com/techcenter/psdb/d8c48c63359fc807624182696d3d149c.html py{15,20,21,22,23,24,25,26,27,31}-paramiko<=1.6.4 remote-information-exposure http://www.lag.net/pipermail/paramiko/2008-January/000599.html icu<3.6nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 icu<3.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 e2fsprogs<1.40.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 splitvt<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162 sun-j{re,dk}14<2.17 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}15<5.0.15 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}6<6.0.5 unknown http://secunia.com/advisories/29239/ evolution<2.12.3nb2 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072 silc-toolkit<1.1.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt mit-krb5>=1.6<1.6.3 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt horde<3.1.7 arbitrary-file-inclusion http://lists.horde.org/archives/announce/2008/000382.html synce-dccm<0.10.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703 synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136 dovecot<1.0.13 authentication-bypass http://www.dovecot.org/list/dovecot-news/2008-March/000064.html ruby18-base<1.8.6.114 access-validation-bypass http://preview.ruby-lang.org/en/news/2008/03/03/webrick-file-access-vulnerability/ mailman<2.1.10 script-insertion http://secunia.com/advisories/28794/ openldap<2.3.39 denial-of-service http://secunia.com/advisories/27424/ openldap<=2.3.39 denial-of-service http://secunia.com/advisories/28926/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.1 multiple-vulnerabilities http://secunia.com/advisories/29010/ webmin<1.330 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276 webmin<1.350 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156 webmin<1.370 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066 webmin<1.370nb3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720 apache-tomcat<5.5.21 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 apache-tomcat<5.5.25 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385} apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 apache-tomcat>=5.5.9<5.5.26 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238 xine-lib<1.1.10.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 p5-Net-DNS<0.63 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 roundup<1.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 roundup<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 sarg<2.2.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167 sarg<2.2.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168 liblive<2007.11.18 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036 nagios-base<2.5nb5 cross-site-scripting http://secunia.com/advisories/29363/ wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665 wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666 userppp-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215 jasper<1.900.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 png<1.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 plone3<3.1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164 maradns<1.2.12.06nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061 xine-lib<1.1.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 quagga>=0.99<0.99.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 jakarta-tomcat4<=4.1.36 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 nss_ldap<259 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794 nagios-plugins<1.4.3nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198 nagios-plugin-snmp<1.4.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623 openoffice2<2.3.1nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 openoffice2<2.3.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 asterisk<1.2.27 authentication-bypass http://downloads.digium.com/pub/security/AST-2008-003.html mit-krb5<1.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5>=1.6<1.6.4 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5<1.4.2nb6 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt mit-krb5>=1.6<1.6.3 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt silc-client<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 silc-toolkit<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 unzip<5.52nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 namazu<2.0.18 cross-site-scripting http://secunia.com/advisories/29386/ maradns<1.2.12.06 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114 qemu<0.9.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 qemu<0.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227 qemu<0.10.0 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 instiki<0.13 cross-site-scripting http://rubyforge.org/forum/forum.php?forum_id=22805 freetype2<2.3.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506 bzip2<1.0.5 denial-of-service https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html ircu<2.10.12.12nb1 denial-of-service http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060906.html p7zip<4.57 unknown https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066 vlc<0.8.6dnb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 silc-client<1.1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-server<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-toolkit<1.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 mysql-client<5.0 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<5.0 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnupg-1.4.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html gnupg2-2.0.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html centerim<4.22.4 shell-command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467 p5-Tk<804.027nb7 buffer-overflow http://secunia.com/advisories/29546/ xpdf<3.02pl1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 policyd-weight<0.1.14.17 privilege-escalation http://secunia.com/advisories/29553/ wireshark<1.0.0 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-02.html gtar-base<1.15.1nb5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 eterm<0.9.4nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 rxvt<2.7.10nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 rxvt-unicode<8.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 aterm<1.0.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 wterm<6.2.9nb8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 mrxvt<0.5.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 phpmyadmin<2.11.5.1 unauthorized-access http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2 inspircd<1.1.18 unspecified http://www.inspircd.org/forum/showthread.php?t=2945 comix<3.6.4nb2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 thunderbird<1.5.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird<1.5.0.14 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-40.html php<4.4.5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 php>=5.0<5.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 lighttpd<1.4.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531 openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265 gnome-screensaver<2.21.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 gnome-screensaver<2.22.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887 sympa<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 {ap2,ap22}-suphp<0.6.3 arbitrary-script-execution http://article.gmane.org/gmane.comp.php.suphp.general/348 acroread7<7.0.9 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857 libgtop<2.14.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}15<5.0.10 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 koffice<1.2.1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt kdegraphics<3.2.3 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt ed<0.2nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 GeoIP<1.4.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159 kdebase<3.5.5 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt opera<9.27 code-execution http://www.opera.com/support/search/view/881/ opera<9.27 memory-corruption http://www.opera.com/support/search/view/882/ balsa<2.3.10nb14 buffer-overflow http://bugzilla.gnome.org/show_bug.cgi?id=474366 xscreensaver<5.02 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 xscreensaver<5.04 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 neon>=0.26.0<0.26.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 libevent<1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030 openssl<0.9.8f side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 openssl<0.9.8f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 sqlitemanager<1.2.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232 sqlitemanager<1.2.0 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516 dropbear<0.49 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 firefox-bin-flash<9.0.124 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 ns-flash<9.0.124 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 drupal>6<6.2 access-bypass http://drupal.org/node/244637 wireshark<0.99.6 denial-of-service http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html m4<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 python15-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python20-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python21-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python22-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 ktorrent<2.1.2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 ktorrent<2.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799 netperf<2.3.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444 imp<4.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515 nas<1.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 nas<1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 lookup<1.4.1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237 asterisk>=1.4<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594 asterisk>=1.4<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293 asterisk>=1.4<1.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 zope210<2.10.3 cross-site-request-forgery http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view inkscape<0.45.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463 mgv-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 ap-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 {ap2,ap22}-perl<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 mit-krb5<1.4.2nb5 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5>=1.6<1.6.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 openpbs<2.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616 xorg-server<1.1.1 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 libXfont<1.2.0 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 libX11<1.0.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 p5-Archive-Tar<1.37 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829 sun-{jdk,jre}14<2.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}15<5.0.11 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}14<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}15<5.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}6<6.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953 lftp<3.5.9 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348 elinks<0.11.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 python24<2.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 python25<2.5.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 libexif<0.6.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 libexif<0.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 mysql-server<4.1.23 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server<4.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0<5.0.44 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.44 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0.9<5.0.51 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226 bochs<2.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894 findutils<4.2.31 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452 phppgadmin<4.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728 base<1.3.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578 mail-notification<4.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209 dspam<3.8.0 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 exiv2<0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353 libexif<0.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 gd<2.0.35 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 sun-{jdk,jre}15<5.0.12 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 sun-{jdk,jre}6<6.0.1 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 openoffice2-bin<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 curl>=7.14.0<7.16.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564 libcdio<0.80 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613 firefox-bin-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 ns-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 firefox-bin-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 ns-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 sun-{jdk,jre}14<2.15 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}15<5.0.12 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 arbitrary-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730 php<5.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 asterisk<1.2.22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk>=1.4<1.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk<1.2.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 asterisk>=1.4<1.4.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 teamspeak-server<2.0.23.19 remote-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956 mldonkey<2.9.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100 t1lib<5.1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 gdm<2.18.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 tor<0.1.2.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165 tor<0.1.2.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174 clamav<0.93 remote-user-shell http://secunia.com/advisories/29000/ png>=1.0.6<1.0.33 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt png>=1.2.0<1.2.27beta01 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt mksh<33d privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845 rsync>=3.0.0<3.0.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720 xine-lib<1.1.12 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 cups<1.3.7nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 xine-lib<1.1.12nb1 remote-system-access http://secunia.com/advisories/29850/ openoffice2{,-bin}<2.4 remote-system-access http://secunia.com/advisories/29852/ firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html thunderbird{,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 vlc<0.8.6f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 vlc<0.8.6f remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 poppler<0.8.0nb1 remote-system-access http://secunia.com/advisories/29836/ xpdf<3.02pl2nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 streamripper<1.61.27nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337 sudo<1.6.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149 po4a<0.23nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462 bugzilla<2.22.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla<2.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 bugzilla>3<3.0.1 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla>3<3.0.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 konversation<1.0.1nb8 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 id3lib<3.8.3nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460 sylpheed<2.4.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 claws-mail<3.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 subversion-base<1.4.5 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846 bitchx<1.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584 bitchx<1.1nb3 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839 star<1.4.3nb4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134 claws-mail<3.2.0 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208 samba>3.0.25<3.0.26 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 kdebase>=3.3.0<3.5.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 asterisk>1.4.4<1.4.12 denial-of-service http://downloads.digium.com/pub/asa/AST-2007-021.html fuse-chironfs<1.0RC7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101 sun-{jdk,jre}14<2.16 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}15<5.0.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}6<6.0.3 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 pwlib<1.8.3nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 wesnoth<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 wesnoth>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 bacula<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626 delegate<9.7.5 arbitrary-code-execution http://www.delegate.org/mail-lists/delegate-en/3856 sun-{jdk,jre}14<2.16 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}15<5.0.13 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}6<6.0.3 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 3proxy<0.5.3j denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622 phpmyadmin<2.11.5.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924 vobcopy<1.1.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718 liferea<1.4.6 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751 perdition<1.17nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795 dbmail<2.2.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714 blender<2.45nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102 blender<2.45nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103 kronolith<2.1.8 cross-site-scripting http://marc.info/?l=horde-announce&m=120931816706926&w=2 vorbis-tools<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 SDL_sound<1.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 sweep<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 emacs{,-nox11}>=20<20.7nb11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=21<21.4anb13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=22<22.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}<21.4.17nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 kdelibs>=3.5.5<3.5.9nb1 linux-denial-of-service http://www.kde.org/info/security/advisory-20080426-2.txt ikiwiki<2.42 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165 py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937 swfdec<0.6.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834 php5-apc<5.2.5.3.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488 xine-lib<1.1.11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 wyrd<1.4.1nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 imp<4.1.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 win32-codecs<071007 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml graphviz<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 scponly<4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350 boost-libs<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 boost-headers<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 glib2<2.14.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 plone25<2.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 plone3<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 speex<1.0.5nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 php>=5<5.2.5 security-bypass http://securityreason.com/achievement_securityalert/47 php>=5<5.2.5 arbitrary-code-execution http://www.php.net/releases/5_2_5.php php>=5<5.2.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 php>=5<5.2.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php>=5<5.2.6 unknown http://www.php.net/ChangeLog-5.php#5.2.6 php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 pioneers<0.11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 teTeX-bin<3.0nb16 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml liferea<1.4.8 privilege-escalation http://www.novell.com/linux/security/advisories/2005_22_sr.html rsync<2.6.9nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 bugzilla>=2.17.2<2.22.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 account-impersonation http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 unauthorized-bug-change http://www.bugzilla.org/security/2.20.5/ GraphicsMagick<1.1.12 remote-security-bypass http://sourceforge.net/project/shownotes.php?release_id=595544 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698 php<5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php<4.4.8 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php>=5<5.2.5 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php<5 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php>=5<5.2.6 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php<5 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 php>=5<5.2.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 licq<1.3.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 php>=4<5 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<4.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5<5.0.51bnb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5.1<5.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 qemu-0.9.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004 ganglia-webfrontend<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465 kdebase<3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 mantis<1.1.0 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8679 mantis<1.1.1 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8756 xmp<2.6.0 arbitrary-code-execution http://aluigi.altervista.org/adv/xmpbof-adv.txt RealPlayerGold-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098 qt4-libs>=4.3.0<4.3.3 certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965 mongrel>=1.0.4<1.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612 openafs<1.4.6 denial-of-service http://www.openafs.org/security/OPENAFS-SA-2007-003.txt libxml2<2.6.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 bind<8.4.7pl1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 bind>=9<9.4.1pl1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 gnumeric<1.8.1 arbitrary-code-execution http://bugzilla.gnome.org/show_bug.cgi?id=505330 sun-{jdk,jre}15<5.0.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.2 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.4 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1 tk<8.4.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 acroread8<8.1.2 arbitrary-code-execution http://www.adobe.com/go/kb403079 acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/go/kb403079 clamav<0.92.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 GraphicsMagick<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 vmware<5.5.6 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 vmware>=6<6.0.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 tcl<8.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 mplayer<1.0rc10nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 gmplayer<1.0rc10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 acroread<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread{5,7}-[0-9]* arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread8<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 duplicity<0.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201 flex<2.5.33 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459 quake3arena-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400 xdm<1.0.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214 libX11>=1.0.2<1.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 xentools3-hvm<3.1.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 sarg<2.2.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922 mysql-server<4.1.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 mysql-server>=5<5.0.42 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782 mt-daapd-0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771 mt-daapd<0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 mt-daapd<0.2.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 mantis<1.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1nb1 cross-site-scripting http://www.djangoproject.com/weblog/2008/may/14/security/ mantis<1.1.2 cross-site-request-forgery http://secunia.com/advisories/30270/ uudeview<0.5.20nb2 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 uulib<0.5.20nb4 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 WordNet<3.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 net-snmp<5.4.1nb2 arbitrary-code-execution http://secunia.com/advisories/30187/ libid3tag<0.15.1bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 ja-ptex-bin-[0-9]* remote-manipulation-of-data http://secunia.com/advisories/30168/ ja-ptex-bin-[0-9]* remote-system-access http://secunia.com/advisories/30168/ mtr<0.72nb1 arbitrary-code-execution http://seclists.org/fulldisclosure/2008/May/0488.html nagios-base<2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 libxslt<1.1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 snort<2.8.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 perl<5.8.8nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 stunnel>=4.16<4.24 accepts-revoked-ocsp-cert http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420 nagios-plugins<1.4.6 local-code-execution https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1630970&group_id=29880 samba<3.0.28anb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 spamdyke<3.1.8 remote-security-bypass http://secunia.com/advisories/30408/ imlib2<1.4.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 xemacs{,-nox11}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 apache-tomcat>=6<6.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 vmware<6.0.4 arbitrary-code-execution http://www.vmware.com/security/advisories/VMSA-2008-0008.html ikiwiki<2.48 authentication-bypass http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770 openssl<0.9.8gnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 websvn<1.61nb8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 evolution<2.12.3nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 evolution>=2.22<2.22.2nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 GraphicsMagick<1.1.14 remote-system-access http://secunia.com/advisories/30549/ GraphicsMagick>=1.2<1.2.3 remote-system-access http://secunia.com/advisories/30549/ exiv2<0.16nb1 denial-of-service http://dev.robotbattle.com/bugs/view.php?id=0000546 vmware<5.5.7 privilege-escalation http://www.vmware.com/security/advisories/VMSA-2008-0009.html asterisk<1.2.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt asterisk<1.2.26 security-bypass http://downloads.digium.com/pub/security/AST-2007-027.html asterisk<1.2.28 denial-of-service http://downloads.digium.com/pub/security/AST-2008-006.html net-snmp<5.4.1nb4 spoof-authenticated-packets http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 freetype2<2.3.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 apache>2.0<2.0.63nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 apache>=2.2.0<2.2.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 openoffice2{,-bin}<2.4.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2008-2152.html courier-authlib<0.60.6 SQL-code-injection http://marc.info/?l=courier-users&m=121293814822605&w=2 freetype2<2.3.6 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id={715,716,717} nasm<2.02nb1 local-user-shell http://secunia.com/advisories/30594/ modular-xorg-server<1.3.0.0nb10 multiple-vulnerabilities http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html opera<9.50 url-spoofing http://www.opera.com/support/search/view/878/ opera<9.50 information-disclosure http://www.opera.com/support/search/view/883/ opera<9.50 security-bypass http://www.opera.com/support/search/view/885/ vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 turba<2.2.1 cross-site-scripting http://secunia.com/advisories/30704/ horde<3.1.7nb1 cross-site-scripting http://secunia.com/advisories/30697/ horde>=3.2<3.2.1 cross-site-scripting http://secunia.com/advisories/30697/ roundcube<0.2alpha cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 clamav<0.93.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 fetchmail<6.3.8nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 ruby18-base<1.8.7.22 arbitrary-code-execution http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities phpmyadmin<2.11.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-4 rt<3.6.7 denial-of-service http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html acroread8<8.1.2nb1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html squid<2.6.21 denial-of-service http://marc.info/?l=squid-announce&m=121469526501591&w=2 squid<2.6.21 privacy-leak http://marc.info/?l=squid-announce&m=121469526501591&w=2 pidgin<2.4.3 arbitrary-code-execution http://archives.neohapsis.com/archives/bugtraq/2008-06/0225.html GraphicsMagick-1.1.[0-9]* remote-system-access http://secunia.com/advisories/30879/ GraphicsMagick>=1.2<1.2.4 remote-system-access http://secunia.com/advisories/30879/ firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 wireshark<1.0.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-03.html ruby18-base<1.8.7.22nb1 denial-of-service http://securenetwork.it/ricerca/advisory/download/SN-2008-02.txt vlc<0.8.6fnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430 openldap-client<2.4.9nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952 opera<9.51 information-disclosure http://www.opera.com/support/search/view/887/ thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 thunderbird{,-gtk1}<2.0.0.16 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-24.html thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 pcre<7.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 # vte-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 libzvt-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 bind>9.5.0<9.5.0pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.4.0<9.4.2pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.3.0<9.3.5pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind-8.[0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 poppler<0.8.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 drupal>6.0<6.3 cross-site-scripting http://drupal.org/node/280571 drupal>5.0<5.8 cross-site-request-forgeries http://drupal.org/node/280571 drupal>6.0<6.3 cross-site-request-forgeries http://drupal.org/node/280571 drupal>5.0<5.8 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 sql-injection http://drupal.org/node/280571 ffmpeg<0.4.9pre1nb4 remote-code-execution https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 sun-j{re,dk}14<2.18 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}15<5.0.16 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}6<6.0.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] wireshark<1.0.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-04.html zsh<4.2.6nb1 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 zsh>=4.3<4.3.4nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html firefox3{,-bin}<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html phpmyadmin<2.11.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-5 mercurial<1.0.1nb1 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942 firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html firefox3{,-bin}<3.0.1 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html byacc<20050813nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 py{15,20,21,22,23,24,25,26,27,31}-moin<1.7.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.6.3 dnsmasq<2.45 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259 drupal<5.9 session-fixation http://drupal.org/node/286417 drupal>=6<6.3 session-fixation http://drupal.org/node/286417 newsx<1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252 trac<0.10.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328 RealPlayerGold<11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400 phpmyadmin<2.11.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6 gnutls>=2.3.5<2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377 fprot-workstation-bin-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447 pan<0.133 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 openttd<0.6.2 arbitrary-code-execution http://sourceforge.net/project/shownotes.php?release_id=617243 python24<2.4.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python25<2.5.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python24<2.4.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 python25<2.5.2nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 jakarta-tomcat4<4.1.39 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 jakarta-tomcat4<4.1.39 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 jakarta-tomcat5-[0-9]* directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 libxslt<1.1.24nb1 arbitrary-code-execution http://www.scary.beasts.org/security/CESA-2008-003.html scmgit<1.5.6.4 remote-system-access http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 ruby18-base<1.8.7.72 multiple-vulnerabilities http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ powerdns<2.9.21nb2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337 pidgin<2.5.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532 mono<1.9.1nb2 cross-site-scripting http://secunia.com/advisories/31338/ apache-2.0.[0-5]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.6[0-2]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.63{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache>=2.2.0<2.2.9nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 python25<2.5.2nb3 weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 bugzilla<2.22.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ bugzilla>=3.0<3.0.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ amarok<1.4.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 ipsec-tools<0.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651 ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 isc-dhcpd<3.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062 postfix<2.5.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix<2.5.4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 postfix>=2.6.20080000<2.6.20080814 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix>=2.6.20080000<2.6.20080814 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 drupal<5.10 multiple-vulnerabilities http://drupal.org/node/295053 drupal>=6<6.4 multiple-vulnerabilities http://drupal.org/node/295053 yelp>=2.19.90<2.22.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533 mktemp<1.6 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495193 xine-lib<1.1.15 remote-system-access http://www.ocert.org/advisories/ocert-2008-008.html zope29>=2.9<2.9.9nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope210>=2.10<2.10.6nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope211>=2.10<2.11.1nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ awstats<6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 sympa<5.4.4 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 sqlitemanager-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages R<2.7.0nb1 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496363 bitlbee<1.2.2 security-bypass http://secunia.com/advisories/31633/ tiff<3.8.2nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327 ruby18-base<1.8.7.72nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 vim<7.2.10 arbitrary-command-execution http://www.rdancer.org/vulnerablevim-K.html openoffice{,2}<2.4.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282 mono<1.9.1nb4 cross-site-scripting https://bugzilla.novell.com/show_bug.cgi?id=418620 gpsdrive-[0-9]* privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496436 libxml2<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 opera<9.52 arbitrary-code-execution http://www.opera.com/support/search/view/892/ opera<9.52 security-bypass http://www.opera.com/support/search/view/893/ opera<9.52 security-bypass http://www.opera.com/support/search/view/895/ opera<9.52 local-file-reading http://www.opera.com/support/search/view/896/ opera<9.52 url-spoofing http://www.opera.com/support/search/view/897/ postfix<2.5.5 denial-of-service http://www.postfix.org/announcements/20080902.html clamav<0.94 denial-of-service http://secunia.com/advisories/31725/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.3 cross-site-request-forgery http://www.djangoproject.com/weblog/2008/sep/02/security/ wireshark>=0.9.7<1.0.3 denial-of-service http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 wireshark>=0.10.14<1.0.3 arbitrary-code-execution http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649 png>=1.2.30beta04<1.2.32beta01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 geeklog<1.4.1nb3 remote-file-write http://www.geeklog.net/article.php/file-uploads vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 horde<3.2.2 cross-site-scripting http://marc.info/?l=horde-announce&m=122104360019867&w=2 mysql-server>=5<5.0.66 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 mysql-server>=5.1<5.1.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 gri<2.12.18 insecure-temporary-files http://gri.sourceforge.net/gridoc/html/Version_2_12.html phpmyadmin<2.11.9.1 arbitrary-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7 proftpd<1.3.2rc2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 ffmpeg<20080727 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230 rails<2.1.1 sql-injection http://rails.lighthouseapp.com/projects/8994/tickets/288 firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059 firefox3{,-bin}<3.0.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066 firefox3{,-bin}<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 thunderbird{,-gtk1}<2.0.0.17 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 faad2<2.6.1nb1 arbitrary-code-execution http://secunia.com/advisories/32006/ aegis<4.24.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938 samba>3.2<=3.2.3 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 lighttpd<1.4.20 denial-of-service http://trac.lighttpd.net/trac/ticket/1774 tnftpd<20080929 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 firefox3<3.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324 gmplayer<1.0rc10nb6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mencoder<1.0rc10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mplayer<1.0rc10nb8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 xerces-c<3.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482 xentools3-hvm-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 libxml2<2.7.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 dovecot<1.1.4 remote-security-bypass http://www.dovecot.org/list/dovecot-news/2008-October/000085.html mysql-client>=5.0<5.0.67nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 xentools33<3.3.0nb2 security-bypass http://secunia.com/advisories/32064/ xentools3-[0-9]* security-bypass http://secunia.com/advisories/32064/ drupal>=5<5.11 multiple-vulnerabilities http://drupal.org/node/318706 drupal>=6<6.5 multiple-vulnerabilities http://drupal.org/node/318706 graphviz<2.16.1nb3 remote-system-access http://secunia.com/advisories/32186/ ap{2,22}-modsecurity>2.5.0<2.5.6 remote-security-bypass http://secunia.com/advisories/32146/ opera<9.6 multiple-vulnerabilities http://secunia.com/advisories/32177/ firefox-bin-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ ns-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ gtar-base<1.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476 dbus<1.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 vlc<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 mantis<1.1.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 firefox-bin-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html ns-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html jhead<2.84 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 vlc>=0.9.0<0.9.5 arbitrary-code-execution http://www.videolan.org/security/sa0809.html opera<9.61 information-disclosure http://www.opera.com/support/search/view/903/ opera<9.61 cross-site-scripting http://www.opera.com/support/search/view/904/ opera<9.61 security-bypass http://www.opera.com/support/search/view/905/ mantis<1.1.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 apache-tomcat<5.5.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat4<4.1.32 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat5-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 wireshark<1.0.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-06.html drupal>=5<5.12 multiple-vulnerabilities http://drupal.org/node/324824 drupal>=6<6.6 multiple-vulnerabilities http://drupal.org/node/324824 websvn<2.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 websvn<2.1.0 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 websvn<2.1.0 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 enscript<1.6.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 gpsd<2.37nb1 remote-information-exposure http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116 libspf2<1.2.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469 imlib2<1.4.2 unspecified http://secunia.com/advisories/32354/ png<1.2.33rc02 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624 jhead<2.86 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 ktorrent>=3.0<3.1.4 security-bypass http://secunia.com/advisories/32442/ phpmyadmin<2.11.9.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-9 lynx<2.8.6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234 opera<9.62 system-access http://secunia.com/advisories/32452/ dovecot>=1.1.4<1.1.6 denial-of-service http://www.dovecot.org/list/dovecot-news/2008-October/000089.html openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237 openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238 phpmyadmin<2.11.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8 crossfire-maps-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 crossfire-server>=1.11.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 imap-uw<2007d system-access http://secunia.com/advisories/32483/ ed<1.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 kdelibs-3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698 ktorrent>=2.0<2.2.8 remote-security-bypass http://secunia.com/advisories/32447/ net-snmp<5.4.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 acroread8<8.1.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-19.html silc-server<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429 nagios-base<3.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027 vlc08-[0-9]* remote-system-access http://www.videolan.org/security/sa0810.html vlc>=0.5.0<0.9.6 remote-system-access http://www.videolan.org/security/sa0810.html bugzilla<2.22.6 security-bypass http://www.bugzilla.org/security/2.20.6/ bugzilla>3.0.0<3.0.6 security-bypass http://www.bugzilla.org/security/2.20.6/ lmbench-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968 gnutls<2.6.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 py{15,20,21,22,23,24,25,26,27,31}-moin-[0-9]* remote-information-exposure http://secunia.com/advisories/32686/ trac<0.11.2 multiple-vulnerabilities http://secunia.com/advisories/32652/ ja-trac<0.11.1pl2 multiple-vulnerabilities http://secunia.com/advisories/32652/ clamav<0.94.1 remote-system-access http://secunia.com/advisories/32663/ nagios-base<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028 fwbuilder{,21}-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956 scilab<4.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983 optipng<0.6.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101 typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/ typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/ streamripper<1.61.27nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 libxml2<2.7.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 libxml2<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 imlib2<1.4.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 mailscanner<4.55.11 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140 opera<9.63 multiple-vulnerabilities http://secunia.com/advisories/32752/ blender<2.49bnb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 vmware<5.5.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915 firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html firefox3{,-bin}<3.0.4 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-51.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox3{,-bin}<3.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox{,-bin,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html firefox3{,-bin,-gtk1}<3.0.4 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html thunderbird{,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html libcdaudio<0.99.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 wireshark<1.0.4nb1 denial-of-service http://secunia.com/advisories/32840/ gnetlist<1.4.0nb1 privilege-escalation http://secunia.com/advisories/32806/ amaya-[0-9]* system-access http://secunia.com/advisories/32848/ samba>=3.0.29<3.0.32nb2 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html samba>3.2<=3.2.4 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html mailscanner<4.73.3.1 denial-of-service http://secunia.com/advisories/32915/ vlc<0.9.8a remote-system-access http://www.videolan.org/security/sa0811.html clamav<0.94.2 denial-of-service http://secunia.com/advisories/32926/ squirrelmail<1.4.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379 ImageMagick<6.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 GraphicsMagick<1.1.8 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 powerdns<2.9.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277 nagios-base<3.0.6 unknown http://secunia.com/advisories/32909/ sun-j{re,dk}14<2.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}15<5.0.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}6<6.0.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 tor<0.2.0.32 remote-security-bypass http://secunia.com/advisories/33025/ tor<0.2.0.32 privilege-escalation http://secunia.com/advisories/33025/ mgetty<1.1.36nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936 dbus<1.2.4.2 security-bypass http://lists.freedesktop.org/archives/dbus/2008-December/010702.html drupal<5.13 cross-site-request-forgeries http://drupal.org/node/345441 drupal>6<6.7 cross-site-request-forgeries http://drupal.org/node/345441 phpmyadmin<2.11.9.4 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php phppgadmin<4.2.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587 mailscanner<4.74.6.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313 asterisk<1.2.30.4 denial-of-service http://downloads.digium.com/pub/security/AST-2008-012.html mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252 roundcube<0.2beta2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 roundcube<0.2beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620 horde<3.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000464.html turba<2.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000465.html imp<4.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000463.html gmplayer<1.0rc10nb8 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mplayer<1.0rc10nb10 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mencoder<1.0rc10nb5 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt cmus<2.2.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375 ns-flash<9.0.152 remote-system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html firefox{,-bin}-2.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox-gtk1-2.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imap-uw<2007e denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514 avahi<0.6.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459 pdfjam-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743 pdfjam-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843 netatalk<2.0.3nb12 system-access http://secunia.com/advisories/33227/ courier-authlib<0.62.0 sql-injection-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380 adobe-flash-plugin<10.0.15.3 system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html qemu<0.10.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382 aview<1.3.0.1nb12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935 gitweb>=1.6<1.6.0.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.6<1.5.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.5<1.5.5.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.4.3<1.5.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 psi<0.12.1 denial-of-service http://secunia.com/advisories/33311/ firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-62.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-69.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox3{,-bin}<3.0.5 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-63.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox3{,-bin}<3.0.5 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox3{,-bin}<3.0.5 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox3{,-bin}<3.0.5 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-69.html seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html thunderbird{,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html thunderbird{,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html xterm<238 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 libaudiofile<0.2.6nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 audacity<1.2.6nb2 remote-system-access http://secunia.com/advisories/33356/ links{,-gui}-[0-9]* remote-spoofing http://secunia.com/advisories/33391/ samba>=3.2.0<3.2.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 openssl<0.9.8j signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 amarok<1.4.10nb1 remote-code-execution http://www.trapkit.de/advisories/TKADV2009-002.txt drupal<5.15 sql-injection http://drupal.org/node/358957 drupal>6<6.9 sql-injection http://drupal.org/node/358957 drupal>6<6.9 access-bypass http://drupal.org/node/358957 drupal>6<6.9 validation-bypass http://drupal.org/node/358957 bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 asterisk<1.2.33 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html asterisk>=1.6<1.6.0.10 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html typo3<4.2.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/ py{15,20,21,22,23,24,25,26,27,31}-moin<=1.8.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.8.1 roundcube<0.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517 ganglia-monitor-core<3.1.2 remote-system-access http://secunia.com/advisories/33506/ xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 tnftpd<20081009 cross-site-scripting http://securityreason.com/achievement_securityalert/56 libmikmod-[0-9]* remote-denial-of-service http://secunia.com/advisories/33485/ devIL>=1.6.7<1.7.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 tor<0.2.0.33 remote-denial-of-service http://secunia.com/advisories/33635/ ap{,2,22}-auth-mysql>=4<4.3.9nb1 remote-SQL-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384 gst-plugins0.10-good<0.10.12 remote-system-access http://trapkit.de/advisories/TKADV2009-003.txt gentoo-0.11.57nb1 insecure-temporary-files http://mail-index.netbsd.org/pkgsrc-changes/2009/01/25/msg017509.html ntp<4.2.4p6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 dia-python<0.97.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984 GraphicsMagick<1.3.5 remote-denial-of-service http://secunia.com/advisories/33697/ imp<4.3.3 cross-site-scripting http://secunia.com/advisories/33719/ horde<3.3.3 cross-site-scripting http://secunia.com/advisories/33695/ ffmpeg<20080727nb7 remote-user-shell http://www.trapkit.de/advisories/TKADV2009-004.txt netsaint-base-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugins-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-cluster-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-snmp-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<2.22.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla<2.22.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ bugzilla>3.2<3.2.2 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.8 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla>3.0<3.0.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ sudo<1.7.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 squid<2.7 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid>=2.7<2.7.6 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt squid>=3.0<3.0.13 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt firefox3{,-bin}<3.0.6 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html thunderbird{,-gtk1}<2.0.0.21 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html proftpd>=1.3.1<1.3.2 sql-injection http://secunia.com/advisories/33842/ typo3<4.2.6 information-disclosure http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ typo3<4.2.6 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ net-snmp<5.4.2.1nb1 information-disclosure http://secunia.com/advisories/33884/ evolution-data-server<2.24.4.1nb2 smime-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547 varnish<2.0.1 denial-of-service http://secunia.com/advisories/33852/ tor<0.2.0.34 denial-of-service http://archives.seul.org/or/announce/Feb-2009/msg00000.html mediawiki<1.13.4 cross-site-scripting http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_4/phase3/RELEASE-NOTES wireshark>=0.99.0<1.0.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-07.html wireshark>=0.99.6<1.0.6 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2009-01.html boinc-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126 mpack<1.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 png<1.2.35 denial-of-service http://secunia.com/advisories/33970/ djbdns<1.05nb9 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392 p5-HTTPD-User-Manage<1.63 cross-site-scripting http://jvn.jp/en/jp/JVN30451602/index.html mldonkey>=2.8.4<3.0.0 remote-file-access https://savannah.nongnu.org/patch/?6754 ns-flash<9.0.159 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-01.html acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread7<7.1.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread8<8.1.4 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html pngcrush<1.6.14 arbitrary-code-execution http://secunia.com/advisories/33976/ apache-tomcat>=5.5.10<=5.5.20 information-disclosure http://tomcat.apache.org/security-5.html opensc<0.11.7 unauthorized-access http://secunia.com/advisories/34052/ php<5.2.9 multiple-vulnerabilities http://secunia.com/advisories/34081/ trickle>=1.07 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415 optipng<=0.6.2 arbitrary-code-execution http://secunia.com/advisories/34035/ squid<3.2.0.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801 mldonkey<=2.9.7 information-disclosure https://savannah.nongnu.org/bugs/?25667 curl<7.18.0nb4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 curl>=7.19.0<7.19.4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 opera<9.64 multiple-vulnerabilities http://secunia.com/advisories/34135/ libsndfile<1.0.17nb5 arbitrary-code-execution http://secunia.com/advisories/33980/ libsndfile>1.0.17nb5<1.0.19 arbitrary-code-execution http://secunia.com/advisories/33980/ wesnoth<1.5.11 arbitrary-code-execution https://gna.org/bugs/index.php?13048 mpfr<2.4.1 buffer-overflow http://secunia.com/advisories/34063/ firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html firefox3{,-bin}<3.0.7 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html firefox3{,-bin}<3.0.7 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html firefox3{,-bin}<3.0.7 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html thunderbird{,-gtk1}<2.0.0.21 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html thunderbird{,-gtk1}<2.0.0.21 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html ap{2,22}-modsecurity>2.5.0<2.5.8 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667538 ap{2,22}-modsecurity>2.5.0<2.5.9 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667542 asterisk>=1.6<1.6.0.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-002.html roundup<0.8.3 query-manipulation http://issues.roundup-tracker.org/issue2550521 #postgresql8[123]-server-[0-9]* information-disclosure http://archives.postgresql.org/pgsql-hackers/2009-02/msg00861.php py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544 wesnoth<1.5.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366 icu<4.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036 libsoup<2.24.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution<2.22.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution-data-server<2.24.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587 ejabberd<2.0.4 script-insertion-attacks http://secunia.com/advisories/34340/ lcms<1.18 denial-of-service http://scary.beasts.org/security/CESA-2009-003.html weechat<0.2.6.1 denial-of-service http://secunia.com/advisories/34304/ glib2<2.20.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586 firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-13.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html asterisk>=1.2<1.2.32 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html asterisk>=1.6<1.6.0.8 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html clamav<0.95 denial-of-service http://secunia.com/advisories/34566/ bugzilla>=3.2<3.2.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213 mapserver<4.10.4 multiple-vulnerabilities http://secunia.com/advisories/34520/ openssl<0.9.8k denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 eog<=2.22.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983 mpg123{,-esound,-nas}>=1.0<1.7.2 arbitrary-code-execution http://secunia.com/advisories/34587/ ghostscript<8.64nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 clamav<0.95.1 denial-of-service http://secunia.com/advisories/34612/ amaya<=11.1 arbitrary-code-execution http://secunia.com/advisories/34531/ jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 apache-tomcat>=5.5.0<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 lcms<1.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 tunapie<2.1.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253 tunapie<2.1.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254 xine-lib<1.1.16.3 arbitrary-code-execution http://trapkit.de/advisories/TKADV2009-005.txt ap13-perl<1.29nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 ap22-perl<2.0.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 unrealircd<3.2.7nb2 denial-of-service http://forums.unrealircd.com/viewtopic.php?t=6204 ntp<4.2.4p7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 pptp>1.7.2 information-disclosure https://bugzilla.redhat.com/show_bug.cgi?id=492090 geeklog<1.5.2.2 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr2 geeklog<1.5.2.3 sql-injection http://www.geeklog.net/article.php/webservices-exploit ghostscript<8.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 ghostscript<8.64nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 wireshark>=0.99.2<1.0.7 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2009-02.html compiz-fusion-plugins-main<0.6.0nb2 local-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514 ldns<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086 phpmyadmin<2.11.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150 phpmyadmin<2.11.9.5 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847 sun-{jdk,jre}14<2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}14<2.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}14<2.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}6<6.0.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 sun-{jdk,jre}6<6.0.13 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 ruby18-base<1.8.7.160 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 ruby18-base<1.8.7.160 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 drupal>6<6.11 cross-site-scripting http://drupal.org/node/449078 drupal<5.17 cross-site-scripting http://drupal.org/node/449078 firefox3{,-bin}<3.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html firefox3{,-bin}<3.0.9 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-20.html firefox3{,-bin}<3.0.9 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html firefox3{,-bin}<3.0.10 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-23.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html seamonkey{,-bin,-gtk1}<2.0 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html thunderbird{,-gtk1}<2.0.0.22 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html libmodplug<0.8.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 freetype2<2.3.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 gnutls>=2.5.0<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 gnutls<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 cups<1.3.10 multiple-vulnerabilities http://secunia.com/advisories/34481/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.2 cross-site-scripting http://secunia.com/advisories/34821/ imp<4.3.4 signature-spoofing http://secunia.com/advisories/34796/ ntop<3.3.9nb1 insecure-file-permissions http://secunia.com/advisories/34793/ opensc<0.11.8 insecure-key-generation http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 suse{,32}_freetype2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 acroread7<7.1.2 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html acroread8<8.1.5 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html Transmission<1.53 cross-site-request-forgery http://secunia.com/advisories/34969/ Transmission-1.60 cross-site-request-forgery http://secunia.com/advisories/34969/ squirrelmail<1.4.18 multiple-vulnerabilities http://secunia.com/advisories/35073/ amule<2.2.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440 drupal>5<5.18 cross-site-scripting http://drupal.org/node/461886 drupal>6<6.12 cross-site-scripting http://drupal.org/node/461886 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 cyrus-sasl<2.1.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 eggdrop<=1.6.19 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html kdegraphics<3.5.10nb2 remote-system-access http://secunia.com/advisories/34754/ geeklog<1.5.2.4 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr4 apache>=2.2.0<2.2.11nb3 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 plone3<3.2.2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662 file<5.03 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 py{15,20,21,22,23,24,25,26,27,31}-prewikka-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34928/ memcached<1.2.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255 cscope<15.7a remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 coccinelle-[0-9]* privilege-escalation http://secunia.com/advisories/35012/ ntp>=4<4.2.4p7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 pango<1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 nsd<3.2.2 remote-system-access http://secunia.com/advisories/35165/ ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 prelude-manager-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34987/ quagga<0.99.12 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572 wireshark>=0.8.20<1.0.8 remote-denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-03.html pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 gst-plugins0.10-png<0.10.15nb1 arbitrary-code-execution http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc xvidcore<1.2.2 arbitrary-code-execution http://secunia.com/advisories/35274/ libsndfile<1.0.20nb1 denial-of-service http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 ImageMagick<6.5.2.9 arbitrary-code-execution http://secunia.com/advisories/35216/ apache>=2.2<2.2.11nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 base<1.4.3.1 cross-site-scripting http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 cross-site-request-forgery http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 sql-injection http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791 apache-tomcat>=6<6.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=6<6.0.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 apache-tomcat>=5<5.5.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=5<5.5.28 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 jakarta-tomcat4-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 jakarta-tomcat4-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 wxGTK2{4,6}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/35292/ wxGTK28<2.8.10nb1 arbitrary-code-execution http://secunia.com/advisories/35292/ apr-util<1.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 png<1.2.37 information-disclosure http://secunia.com/advisories/35346/ suse{,32}_libpng<11.3 information-disclosure http://secunia.com/advisories/35346/ ruby18-base<1.8.7.173 denial-of-service http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ acroread7<7.1.3 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html acroread8<8.1.6 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html p5-Compress-Raw-Zlib<2.017 denial-of-service http://secunia.com/advisories/35422/ xfig<3.2.5b privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962 pdflib-lite<7.0.4p4 remote-system-access http://secunia.com/advisories/35180/ suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.4 remote-security-bypass http://secunia.com/advisories/35407/ scmgit-base<1.6.3.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108 rt<3.8.4 remote-security-bypass http://secunia.com/advisories/35451/ icu<4.0.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153 firefox3{,-bin}<3.0.11 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html firefox3{,-bin}<3.0.11 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-28.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-30.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html thunderbird{,-gtk1}<2.0.0.22 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html pcsc-lite<1.5.4 denial-of-service http://secunia.com/advisories/35500/ php5-exif<5.2.10 denial-of-service http://secunia.com/advisories/35441/ ruby18-base<1.8.7.72nb3 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642 jakarta-tomcat{4,5}-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tiff<3.8.2nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285 samba>=3.0.31<3.0.34nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 drupal>5<5.19 multiple-vulnerabilities http://drupal.org/node/507572 drupal>6<6.13 multiple-vulnerabilities http://drupal.org/node/507572 nagios-base<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 xemacs{,-nox11}-[0-9]* remote-system-access http://secunia.com/advisories/35348/ apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 tor<0.2.0.35 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425 tor<0.2.0.35 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426 amsn-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/35621/ pidgin<2.5.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889 wxGTK-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 amaya<11.3.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 p5-IO-Socket-SSL<1.26 remote-security-bypass http://secunia.com/advisories/35703/ ruby18-actionpack<2.3.2nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 dillo<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294 mysql-server<5.0.67nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446 bugzilla>=3.1.1<3.2.4 remote-security-bypass http://www.bugzilla.org/security/3.2.3/ mimetex<1.71 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 mimetex<1.71 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 isc-dhclient>=4<4.1.0p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 isc-dhcp-client<3.1.2p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 mediawiki>=1.14<1.15.1 cross-site-scripting http://secunia.com/advisories/35818/ htmldoc<1.8.27nb2 remote-system-access http://secunia.com/advisories/35780/ tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347 xmlsec1<1.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 xml-security-c<1.5.1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 mono<2.4.2.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 sun-{jdk,jre}6<6.0.15 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 libmodplug<0.8.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 gst-plugins0.10-bad<0.10.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 gst-plugins0.10-bad<0.10.11 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709 p5-BDB-postgresql<=1.49 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-BDB-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 wireshark<1.2.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-04.html squid>=3.0<3.0.18 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt squid>=3.1<3.1.0.13 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt pulseaudio<0.9.14nb3 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894 firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-34.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-35.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-36.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-37.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-39.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-40.html wordpress<2.8.2 cross-site-scripting http://wordpress.org/development/2009/07/wordpress-2-8-2/ bind<9.4.3pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.5.0<9.5.1pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.6.0<9.6.1pl1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.3 remote-file-view http://www.djangoproject.com/weblog/2009/jul/28/security/ bash-completion<20080705 command-injection http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259987 webkit-gtk<1.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 suse{,32}_libcups<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 suse{,32}_gtk2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265 python24<2.4.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 python25<2.5.4 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 adobe-flash-plugin<10.0.32.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 ns-flash<9.0.246.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 silc-client<1.1.8 arbitrary-code-execution http://www.silcnet.org/docs/changelog/SILC%20Client%201.1.8 wordpress<2.8.3 privilege-escalation http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ apr-util<1.3.9 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 subversion-base<1.6.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 apr<1.3.8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 GraphicsMagick<1.3.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097 openexr<=1.6.1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720 openexr<=1.6.1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721 openexr<=1.6.1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722 vlc<0.8.6inb5 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=0.9<0.9.9anb2 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=1.0<1.0.0nb1 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html mplayer<1.0rc10nb14 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 firefox3{,-bin}<3.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404 firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654 fetchmail<6.3.11 spoofing-attacks http://www.fetchmail.info/fetchmail-SA-2009-01.txt sun-{jdk,jre}14<2.22 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}15<5.0.20 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}6<6.0.15 multiple-vulnerabilities http://secunia.com/advisories/36159/ irssi<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 asterisk>=1.6.1<1.6.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2009-004.html kdelibs<3.5.10nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 firefox3{,-bin}<3.0.12 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-38.html firefox3{,-bin}<3.0.13 www-address-spoof http://www.mozilla.org/security/announce/2009/mfsa2009-44.html firefox3{,-bin}<3.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-45.html zope29<2.9.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope210<2.10.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope211<2.11.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope3<3.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope29<2.9.11 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope210<2.10.9 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope211<2.11.4 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope3<3.3.3 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 xerces-c<2.8.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 asterisk>=1.6.1<1.6.1.4 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html asterisk>=1.6.0<1.6.0.13 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html wordpress<2.8.4 bypass-security-check http://wordpress.org/development/2009/08/2-8-4-security-release/ gnutls<2.8.2 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 viewvc<1.0.9 cross-site-scripting http://secunia.com/advisories/36292/ squirrelmail<1.4.20rc2 cross-site-scripting http://www.squirrelmail.org/security/issue/2009-08-12 curl<7.19.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 samba-3.0.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 p5-Compress-Raw-Bzip2<2.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884 libvorbis<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663 ntop<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732 isc-dhcp-server<3.1.2p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 cogito-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.2<1.2.35 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.0<1.6.0.15 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.1<1.6.1.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html libspf2<1.2.9nb1 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2009/09/08/msg029522.html expat<2.0.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 geeklog<1.5.2.5 remote-security-bypass http://www.geeklog.net/article.php/geeklog-1.6.0sr2 geeklog<1.5.2.5 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.6.0sr1 geeklog<1.5.2.5 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.0sr1 neon<0.28.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473 neon<0.28.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474 squid<2.7.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855 libpurple<2.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 libpurple-2.6.0{,nb[0-9]*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025 libpurple<2.6.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026 ikiwiki<3.1415926 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044 opera<10.0 html-form-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049 wget<1.11.4nb1 ssl-cert-spoofing http://secunia.com/advisories/36540/ qt4-libs<4.5.2nb3 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 dnsmasq<2.50 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 dnsmasq<2.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 freeradius<1.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009 libpurple>=2.5.2<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085 libpurple>=2.6.0<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703 apache-2.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache>=2.2.0<2.2.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache-2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 kdelibs-3.[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 cyrus-imapd<2.2.13p1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 dovecot-sieve<1.1.7 arbitrary-code-execution http://www.dovecot.org/list/dovecot-news/2009-September/000135.html slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159 slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160 seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html thunderbird{,-gtk1}<2.0.0.23 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox<3.5.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xulrunner<1.9.1.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html firefox3<3.0.14 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xapian-omega<1.0.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947 bugzilla<3.2.5 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 rt<3.8.5 script-insertion http://secunia.com/advisories/36752/ wireshark<1.0.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-05.html wireshark<1.2.2 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-06.html vlc<1.0.2 arbitrary-code-execution http://secunia.com/advisories/36762/ ffmpeg<20090611nb4 heap-overflow http://secunia.com/advisories/36760/ ffmpeg-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/36805/ php<5.2.11 multiple-vulnerabilities http://www.php.net/releases/5_2_11.php nginx<0.5.38 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.15 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx<0.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 fprot-workstation-bin-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal>5<5.20 multiple-vulnerabilities http://drupal.org/node/579482 drupal>6<6.14 multiple-vulnerabilities http://drupal.org/node/579482 newt<0.52.11 denial-of-service http://secunia.com/advisories/36810/ merkaartor<=0.14 privilege-escalation http://secunia.com/advisories/36897/ nginx<0.7.63 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 nginx>=0.8<0.8.17 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 samba<3.0.37 information-disclosure http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 samba<3.0.37 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 samba<3.0.37 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 snort<2.8.5 denial-of-service http://secunia.com/advisories/36808/ thin<1.2.4 source-address-spoofing http://secunia.com/advisories/36825/ apache>2.0<2.0.64 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache>2.2.0<2.2.13nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache<1.3.42 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 tkman-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 horde<3.3.5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236 horde<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237 glib2<2.2.21 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289 puppet<0.24.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 aria2<1.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 unbound<1.3.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602 py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940 gd<2.0.35nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 php5-gd<5.2.11nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 typo3<4.2.10 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/ asterisk>=1.6.1<1.6.1.8 security-restrictions-bypass http://downloads.digium.com/pub/security/AST-2009-007.html wireshark<1.2.3 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-07.html firefox3-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox<3.5.4 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-52.html firefox<3.5.4 insecure-temp-files http://www.mozilla.org/security/announce/2009/mfsa2009-53.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-54.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html firefox<3.5.4 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-57.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html firefox<3.5.4 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-60.html firefox<3.5.4 local-filename-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-61.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html xulrunner<1.9.1.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 proftpd<1.3.3 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639 bftpd<2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593 opera<10.01 multiple-vulnerabilities http://secunia.com/advisories/37182/ acroread7<7.1.4 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html acroread8<8.1.7 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html wordpress<2.8.5 denial-of-service http://secunia.com/advisories/37088/ squidGuard<1.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700 squidGuard-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826 snort<2.8.5.1 denial-of-service http://secunia.com/advisories/37135/ p5-HTML-Parser<3.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627 seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html asterisk<1.2.35 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.0<1.6.0.17 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 cross-site-scripting http://downloads.digium.com/pub/security/AST-2009-009.html roundcube<0.3 cross-site-request-forgery http://secunia.com/advisories/37235/ openssl<0.9.8l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 sun-{jdk,jre}14-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}15-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnutls<2.10.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 libwww<5.4.0nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 opera<10.10 multiple-vulnerabilities http://secunia.com/advisories/37469/ mysql-server<5.0.88 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 mysql-client<5.0.88 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 php<5.2.11nb2 multiple-vulnerabilities http://secunia.com/advisories/37412/ php5-pear-Mail<1.1.14nb2 security-bypass http://secunia.com/advisories/37410/ opera<10.10 arbitrary-code-execution http://secunia.com/advisories/37431/ suse{,32}_openssl<11.3 session-hijack http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html cups<1.4.3 denial-of-service http://secunia.com/advisories/37364/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37348/ qt4-libs<4.5.3 multiple-vulnerabilities http://secunia.com/advisories/37396/ mpop<1.0.19 spoofing-attacks http://secunia.com/advisories/37312/ cups<1.4.2 cross-site-scripting http://secunia.com/advisories/37308/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37232/ libexif-0.6.18 denial-of-service http://secunia.com/advisories/37378/ wordpress<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/37332/ bind>=9.0<9.4.3pl5 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.5<9.5.2pl2 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.6<9.6.1pl3 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 libltdl<2.2.6b privilege-escalation http://secunia.com/advisories/37414/ ruby18-actionpack<2.3.5 cross-site-scripting http://secunia.com/advisories/37446/ kdelibs<3.5.10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 kdelibs>4<4.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 rt<3.8.6 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585 asterisk<1.2.37 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.0<1.6.0.19 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.1<1.6.1.11 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html sun-{jre,jdk}14<2.24 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}15<5.0.22 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}6<6.0.17 multiple-vulnerabilities http://secunia.com/advisories/37231/ libvorbis<1.2.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 apr<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699 vmware-2.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vmware-3.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin<2.11.9.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696 phpmyadmin<2.11.9.6 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 poppler-glib<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 transfig<3.2.5nb2 arbitrary-code-execution http://secunia.com/advisories/37577/ xfig<3.2.5bnb5 arbitrary-code-execution http://secunia.com/advisories/37571/ libpurple<2.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 automake<1.11.1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 automake14<1.4.6nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 centerim<4.22.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 devIL<1.7.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994 ntp<4.2.4p8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.6 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html firefox<3.5.6 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-69.html firefox<3.5.6 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-70.html firefox<3.5.6 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-71.html xulrunner<1.9.1.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 seamonkey<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1 drupal>5<5.21 cross-site-scripting http://drupal.org/node/661586 drupal>6<6.15 cross-site-scripting http://drupal.org/node/661586 typolight<2.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight26<2.6.7nb3 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight27<2.7.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight28<2.8rc2 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html coreutils<6.12nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135 wireshark<1.2.5 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-09.html gtk+>2<2.18.5 denial-of-service https://bugzilla.gnome.org/show_bug.cgi?id=598476 ghostscript<8.70nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 php<5.2.11nb2 arbitrary-fifo-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 php<5.2.12 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 php<5.2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 horde<3.3.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701 kdegraphics<4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 kdelibs<3.5.10nb5 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt kdelibs>4<4.3.3 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt proftpd<1.3.2c man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread7-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread8-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html sunbird-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 spamassassin>=3.2.0<3.2.5nb4 denial-of-service https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269 qt4-libs<4.5.3nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816 qt4-libs<4.5.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384 xmlsec1<1.2.14 privilege-escalation http://secunia.com/advisories/37615/ adobe-flash-plugin<10.0.42.34 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html ns-flash<9.0.260 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html webmin<1.500 cross-site-scripting http://secunia.com/advisories/37648/ kdegraphics-3.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 ampache<3.5.3 remote-security-bypass http://secunia.com/advisories/37867/ trac<0.11.6 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 ja-trac<0.11.5pl1nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 php{5,53}-jpgraph-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422 openttd<0.7.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007 libpurple<2.6.5 remote-information-exposure http://secunia.com/advisories/37953/ ruby18-base<1.8.7.174nb3 escape-sequence-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492 typo3<4.3.1 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ libthai<0.1.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012 powerdns-recursor<3.1.7.2 arbitrary-code-execution http://doc.powerdns.com/powerdns-advisory-2010-01.html powerdns-recursor<3.1.7.2 spoofing-attacks http://doc.powerdns.com/powerdns-advisory-2010-02.html Transmission<1.77 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012 openssl<0.9.8lnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 tnftpd<20091122 denial-of-service http://secunia.com/advisories/38098/ cherokee<0.99.32 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 phpmyadmin<2.11.10 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 lib3ds<2.0rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280 tor<0.2.1.22 sensitive-information-exposure http://secunia.com/advisories/38198/ gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624 gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 apache-tomcat<5.5.29 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat<5.5.29 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat<5.5.29 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 apache-tomcat>=6<6.0.21 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat>=6<6.0.21 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat>=6<6.0.21 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 zope29<2.9.12 cross-site-scripting http://secunia.com/advisories/38007/ zope210<2.10.11 cross-site-scripting http://secunia.com/advisories/38007/ zope211<2.11.6 cross-site-scripting http://secunia.com/advisories/38007/ mit-krb5<1.4.2nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 acroread7-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread7-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread8-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread8-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages maildrop<2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301 wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-01.html wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-02.html apache<1.3.42 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 ircd-hybrid<7.2.3nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016 fuse>=2.0<2.8.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 samba<3.3.10 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 squid<2.7.7nb2 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.0<3.0.23 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.1<3.1.0.16 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt apache-1.3.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages puppet<0.24.9 local-file-write https://bugzilla.redhat.com/show_bug.cgi?id=502881 php5-pear-DB<1.7.8 sql-injection http://secunia.com/advisories/20231/ lighttpd<1.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295 fetchmail<6.3.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562 gmime<2.2.25nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime24<2.4.15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 GraphicsMagick<1.3.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 asterisk>=1.6.1<1.6.1.14 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html asterisk>=1.6.2<1.6.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html squid<2.7.7nb3 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt squid>=3.0<3.0.24 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt mysql-server>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 RealPlayerGold<11.0.2 multiple-vulnerabilities http://service.real.com/realplayer/security/01192010_player/en/ bugzilla-2.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.2.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989 typo3<4.3.2 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/ ejabberd<2.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305 libmikmod-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 libmikmod-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 nss<3.12.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 samba<3.3.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294 gnome-screensaver<2.28.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414 opera<10.50 man-in-the-middle-attack http://secunia.com/advisories/38546/ netpbm<10.35.72 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274 openoffice2{,-bin}-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669 adobe-flash-plugin<10.0.45.2 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html ns-flash<9.0.262 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html sudo>=1.6.9<1.7.2p4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 sudo-1.6.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 openoffice2-bin-[0-9]* signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice3-bin<3.2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice2{,-bin}-[0-9]* remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice3{,-bin}<3.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 curl>=7.10.5<7.20.0 denial-of-service http://secunia.com/advisories/38427/ dillo<2.2 sensitive-information-exposure http://secunia.com/advisories/38569/ gnome-screensaver<2.28.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 pidgin<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 asterisk>=1.6.1<1.6.1.17 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html asterisk>=1.6.2<1.6.2.5 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html firefox>=3.5<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html xulrunner<1.9.1.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html php<5.2.13 remote-security-bypass http://secunia.com/advisories/38708/ gnome-screensaver<2.28.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641 openldap-client<2.4.18 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 drupal>5<5.22 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.16 multiple-vulnerabilities http://drupal.org/node/731710 png<1.2.43 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 cups<1.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393 mediawiki<1.15.2 security-restrictions-bypass http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html opera<10.51 arbitrary-code-execution http://secunia.com/advisories/38820/ apache>=2.2<2.2.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 apache>=2.2<2.2.15 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 apache-2.0.[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 dovecot>=1.2<1.2.11 denial-of-service http://www.dovecot.org/list/dovecot-news/2010-March/000152.html gtar-base<1.23 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 gcpio<2.6nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 vlc<1.0.6 arbitrary-code-execution http://secunia.com/advisories/38853/ lshell<0.9.10 security-bypass http://secunia.com/advisories/38879/ samba<3.3.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 spamass-milter<0.3.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132 viewvc<1.0.10 cross-site-scripting http://secunia.com/advisories/38895/ unbound<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969 ikiwiki<3.20100312 cross-site-scripting http://secunia.com/advisories/38983/ Transmission<1.92 remote-system-access http://secunia.com/advisories/39031/ seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html seamonkey{,-bin}<1.1.19 remote-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2010-06.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-07.html m4<1.4.14 insecure-file-permissions http://secunia.com/advisories/38707/ nss<3.12.3 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html nss<3.12.3 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html openssl<0.9.8mnb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 spice-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}-1.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dpkg<1.14.29 remote-manipulation-data http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396 heimdal<1.3.2 denial-of-service http://secunia.com/advisories/39037/ openssl<0.9.8mnb2 denial-of-service http://www.openssl.org/news/secadv_20100324.txt php5-xmlrpc<5.2.13nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 php53-xmlrpc<5.3.2nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 pango<1.26.2nb2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0421 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123 ctorrent-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ctorrent-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 sun-{jre,jdk}6<6.0.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 firefox<3.6.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-25.html libnids<1.24 denial-of-service http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828 firefox<3.0.19 arbitrary-code-execution http://secunia.com/advisories/39240/ firefox<3.5.9 arbitrary-code-execution http://secunia.com/advisories/39136/ seamonkey{,-bin}<2.0.4 arbitrary-code-execution http://secunia.com/advisories/39243/ trac<0.11.7 security-bypass http://secunia.com/advisories/39123/ ja-trac<0.11.7pl1 security-bypass http://secunia.com/advisories/39123/ viewvc<1.0.11 cross-site-scripting http://secunia.com/secunia_research/2010-26/ thunderbird<3.0.4 arbitrary-code-execution http://secunia.com/advisories/39242/ expat<2.0.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 typo3>=4.3.0<4.3.3 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/ hamlib<1.2.11 privilege-escalation http://secunia.com/advisories/39299/ kdebase<4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 kdebase-workspace<4.3.5nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 sun-{jre,jdk}6<6.0.20 arbitrary-code-execution http://www.kb.cert.org/vuls/id/886582 teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 dvipsk<5.98nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 sudo<1.7.2p6 arbitrary-command-execution http://www.courtesan.com/sudo/alerts/sudoedit_escalate2.html erlang<13.2.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 memcached<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152 clamav<0.96 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 clamav<0.96 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 abcm2ps<5.9.12 remote-system-access http://secunia.com/advisories/39345/ mediawiki<1.15.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150 suse{,32}_openssl<11.3 man-in-the-middle-attack http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html mysql-server>=5.1<5.1.45 denial-of-service http://secunia.com/advisories/39454/ p5-Crypt-OpenSSL-DSA-[0-9]* ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129 mit-krb5>=1.7<1.8.2 remote-system-access http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt vlc>0.5<1.0.6 arbitrary-command-execution http://www.videolan.org/security/sa1003.html libesmtp-[0-9]* ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192 libesmtp-[0-9]* ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194 apache-tomcat<5.5.30 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 apache-tomcat>=6<6.0.27 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 smalltalk<3.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 apache-tomcat<6.0.30 cross-site-request-forgery http://secunia.com/advisories/39261/ wordpress-[0-9]* sensitive-information-exposure http://secunia.com/advisories/39040/ gcc44<4.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc34<3.4.6nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc3-java-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 qt4-libs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 qt4-libs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 qt4-libs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 qt4-libs-[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 qt4-libs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 qt4-libs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 memcached<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415 postgresql82-server<8.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql83-server<8.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql84-server<8.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 typolight<=2.6 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight26<=2.6.7nb3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight27<2.7.7 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight28<2.8.3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html fetchmail<6.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 wireshark<1.2.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-04.html dvipng<1.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829 openttd<1.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402 pcre<8.0.2 denial-of-service http://secunia.com/advisories/39738/ gnustep-base<1.20.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620 gnustep-base<1.20.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457 ghostscript<8.71 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869 modular-xorg-server-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166 p5-POE-Component-IRC<6.32 remote-security-bypass http://secunia.com/advisories/39767/ mysql-server>=5.0<5.0.91 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.1<5.1.47 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.0<5.0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.1<5.1.47 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.0<5.0.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 mysql-server>=5.1<5.1.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 libtheora<1.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389 aria2<1.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512 kdenetwork4<4.3.5nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000 kdenetwork4<4.3.5nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511 libpurple<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 geeklog<1.6.1.1 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.1sr1 mysql-client>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 lftp<4.0.6 security-bypass http://www.ocert.org/advisories/ocert-2010-001.html postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 mit-krb5<1.4.2nb10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 clamav<0.96.1 denial-of-service http://secunia.com/advisories/39895 libprelude<1.0.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 mediawiki<1.15.4 cross-site-scripting http://secunia.com/advisories/39922/ heimdal<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 html2ps<1.0b6 sensitive-information-exposure http://secunia.com/advisories/39957/ exim<4.72 privilege-escalation http://secunia.com/advisories/40019/ openssl<0.9.8o multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt openssl>=1.0.0<1.0.0a multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt camlimages<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 sudo<1.7.2p7 command-injection http://www.sudo.ws/sudo/alerts/secure_path.html py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 cross-site-scripting http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg abcm2ps<5.9.13 arbitrary-code-execution http://secunia.com/advisories/40033/ gnutls<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239 bftpd<2.9 privilege-escalation http://secunia.com/advisories/40014/ rpm<4.8.1 privilege-escalation http://secunia.com/advisories/40028/ adobe-flash-plugin<10.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa10-01.html freeciv-server<2.2.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445 openoffice3-bin<3.2.1 man-in-the-middle-attack http://www.openoffice.org/security/cves/CVE-2009-3555.html openoffice3{,-bin}<3.2.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2010-0395.html teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 dvipsk<5.98nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39573/ php<5.2.14 multiple-vulnerabilities http://secunia.com/advisories/39675/ php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39675/ wireshark<1.2.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2010-06.html ghostscript<8.71nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 apache>=2.2.9<2.2.15nb3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068 isc-dhcpd<4.1.1p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 tiff<3.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 bozohttpd>=20090522<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 bozohttpd<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 samba<3.0.37nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 samba>=3.3.0<3.3.13 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 plone25-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 plone3-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 opera<10.54 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421 suse{,32}_krb5<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_openssl<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_libpng<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html cups<1.4.3nb6 multiple-vulnerabilities http://cups.org/articles.php?L596 python24-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python25<2.5.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26<2.6.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26-2.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python27<2.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python31<3.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 moodle<1.9.9 cross-site-scripting http://secunia.com/advisories/40248/ firefox<3.6.7 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206 sendmail<8.14.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565 w3m<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 w3m-img<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 unrealircd<3.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893 adobe-flash-plugin<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html adobe-flash-plugin>=10.0<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 irrtoolset-nox11-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}<2.0.5 multiple-vulnerabilities http://secunia.com/advisories/40326/ firefox<3.6.4 multiple-vulnerabilities http://secunia.com/advisories/40309/ thunderbird<3.0.5 multiple-vulnerabilities http://secunia.com/advisories/40323/ bugzilla<3.2.7 security-bypass http://secunia.com/advisories/40300/ konversation<1.2.3 denial-of-service http://secunia.com/advisories/38711/ xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ufoai<2.3 remote-system-access http://secunia.com/advisories/40321/ squirrelmail<1.4.21 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637 tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 png<1.4.3 remote-system-access http://secunia.com/advisories/40302/ suse{,32}_libpng<11.3 remote-system-access http://secunia.com/advisories/40302/ mysql-server>=5.1<5.1.48 denial-of-service http://secunia.com/advisories/40333/ mDNSResponder<108nb2 unknown-impact http://www.vuxml.org/freebsd/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html qt4-libs-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621 opera<10.60 information-disclosure http://secunia.com/advisories/40375/ tiff<3.9.4nb1 denial-of-service http://secunia.com/advisories/40422/ suse{,32}_libtiff-[0-9]* denial-of-service http://secunia.com/advisories/40422/ py{15,20,21,22,23,24,25,26,27,31}-Paste<1.7.4 cross-site-scripting http://secunia.com/advisories/40408/ xulrunner<1.9.2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4 php<5.2.14 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 php>=5.3.0<5.3.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 bind>=9.0<9.4.3pl4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.5<9.5.2pl1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.6<9.6.1pl2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 freeciv-server-[0-9]* denial-of-service http://secunia.com/advisories/40476/ roundup<1.4.14 cross-site-scripting http://secunia.com/advisories/40433/ bogofilter<1.2.2 denial-of-service http://secunia.com/advisories/40427/ avahi<0.6.26 denial-of-service http://secunia.com/advisories/40470/ suse{,32}<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gdk-pixbuf<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt3<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_resmgr<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.1 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby-base19>=1.9<1.9.1-p429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 gv<3.7.0 privilege-escalation http://secunia.com/advisories/40475/ ghostscript<8.71nb6 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055 bind>=9.7.1<9.7.1pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2010-0213 mono-xsp<2.6.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459 pango<1.27.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421 freetype2<2.4.0 remote-system-access http://secunia.com/advisories/40586 postgresql8{0,1}{,-server,-client}<8.2 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070 vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713 openldap-server<2.4.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211 openldap-server<2.4.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212 pulseaudio<0.9.21nb3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299 firefox<3.6.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 xulrunner<1.9.2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 seamonkey<2.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6 thunderbird>=3.1<3.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1 thunderbird<3.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6 ocaml-mysql sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942 qemu<0.12.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741 libpurple<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 openttd<1.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534 qt4-libs-[0-9]* denial-of-service http://secunia.com/advisories/40588/ squirrelmail<1.4.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813 php<5.2.14 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 php>=5.3.0<5.3.3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 dovecot>=1.2<1.2.13 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2010-July/000163.html apache>=2.0<2.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 typo3<4.3.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ typo3>=4.4.0<4.4.1 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ gnupg2<2.0.14nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 bozohttpd<20100621 remote-security-bypass http://secunia.com/advisories/40737/ mediawiki<1.15.5 multiple-vulnerabilities http://secunia.com/advisories/40740/ firefox<3.6.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-48.html cabextract<1.3 denial-of-service http://secunia.com/advisories/40719/ gdm<2.20.11 information-disclosure https://bugzilla.gnome.org/show_bug.cgi?id=571846 socat<1.7.1.3 remote-system-access http://secunia.com/advisories/40806 mantis<1.2.2 cross-site-scripting http://secunia.com/advisories/40812 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540 wireshark<1.2.10 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2010-08.html citrix_ica<11.100 arbitrary-code-execution http://secunia.com/advisories/40808 wget<1.12nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252 mantis<1.2.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574 freetype2<2.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 bugzilla-3.0* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla>=2.19.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=2.22rc1<3.2.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.3.1<3.4.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.5.1<3.6.2 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.7<3.7.3 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=2.17.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=2.23.1<3.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.3.1<3.4.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.5.1<3.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.7<3.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 cabextract<1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801 acroread8-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862 openoffice3{,-bin}<3.3 arbitrary-code-execution http://secunia.com/advisories/40775/ openssl<0.9.8onb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 win32-codecs-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40936/ win32-codecs-[0-9]* remote-system-access http://secunia.com/advisories/40934/ glpng-[0-9]* remote-system-access http://secunia.com/advisories/40354/ dbus-glib<0.88 local-security-bypass http://secunia.com/advisories/40908/ adobe-flash-plugin<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html adobe-flash-plugin>=10.0<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html drupal>5<5.23 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.18 multiple-vulnerabilities http://drupal.org/node/731710 opera<10.61 remote-system-access http://secunia.com/advisories/40120 ruby18-base<1.8.7.174nb6 cross-site-scripting http://secunia.com/advisories/41003 ruby{,-base,14,14-base,16,16-base}<1.8 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ssmtp<2.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258 openjdk7-icedtea-plugin<1.13 multiple-vulnerabilities http://blog.fuseyism.com/index.php/2010/07/29/icedtea7-113-released/ phpmyadmin<2.11.10.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055 phpmyadmin<2.11.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 PAM<1.1.1 privilege-escalation http://secunia.com/advisories/40978/ mysql-server>=5.1<5.1.49 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html libgdiplus<2.6nb1 remote-system-access http://secunia.com/advisories/40792 quagga<0.99.17 remote-system-access http://secunia.com/advisories/41038 squid>=3.1.5.1<3.1.7 denial-of-service http://bugs.squid-cache.org/show_bug.cgi?id=3021 kdegraphics>=4.3.0 remote-system-access http://secunia.com/advisories/40952 fuse-encfs<1.7 multiple-vulnerabilities http://secunia.com/advisories/41158/ qt4-libs<4.7.0rc1 ssl-certificate-spoofing http://secunia.com/advisories/41236/ nss<3.12.8 ssl-certificate-spoofing http://secunia.com/advisories/41237/ firefox<3.6.11 ssl-certificate-spoofing http://secunia.com/advisories/41244/ koffice-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40966/ p5-libwww<5.835 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253 corkscrew-[0-9]* buffer-overflow http://people.freebsd.org/~niels/issues/corkscrew-20100821.txt mantis<1.2.3 cross-site-scripting http://secunia.com/advisories/41278/ zope210<2.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 zope211<2.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 squid>=3.0<3.1.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_3.txt xulrunner<1.9.2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 firefox<3.6.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 thunderbird>=3.1<3.1.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3 thunderbird<3.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7 seamonkey<2.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7 horde<3.3.9 cross-site-scripting http://secunia.com/advisories/41283/ sudo<1.7.4p4 local-security-bypass http://secunia.com/advisories/41316/ apache-tomcat<5.5.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 apache-tomcat>=6<6.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 mednafen<0.8.13 buffer-overflow http://secunia.com/advisories/41337/ samba>=3.3.0<3.3.14 buffer-overrun http://www.samba.org/samba/security/CVE-2010-3069.html mailscanner-[0-9]* denial-of-service http://secunia.com/advisories/41384/ adobe-flash-plugin<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 ns-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 firefox-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 mailman<2.1.12nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089 python26<2.6.6nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 bozohttpd<20100920 remote-file-view http://eterna.com.au/bozohttpd/ wireshark<1.4.0 denial-of-service http://secunia.com/advisories/41535/ bzip2<1.0.6 remote-system-access http://secunia.com/advisories/41452/ clamav<0.96.3 remote-system-access http://secunia.com/advisories/41503/ poppler<0.14.2nb1 remote-system-access http://secunia.com/advisories/41596/ scmgit-base<1.7.0.7 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 dovecot>=1.2.8<1.2.15 weak-acl-enforcement http://www.dovecot.org/list/dovecot-news/2010-October/000177.html imp<4.3.8 cross-site-scripting http://secunia.com/advisories/41627/ bind>=9.7.0<9.7.2pl2 remote-security-bypass http://www.isc.org/software/bind/advisories/cve-2010-0218 mercurial<1.6.4 remote-spoofing http://secunia.com/advisories/41674/ ffmpeg<20100927 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 gmplayer<1.0rc20100913nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mencoder<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mplayer<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 typo3<4.4.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/ suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 mysql-server<5.1.50 arbitrary-code-execution http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html mysql-server<5.1.51 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 xpdf<3.02pl4nb3 remote-system-access http://secunia.com/advisories/41709/ php<5.2.14nb1 denial-of-service http://secunia.com/advisories/41724/ php>=5.3.0<5.3.3nb1 denial-of-service http://secunia.com/advisories/41724/ opera<10.63 multiple-vulnerabilities http://secunia.com/advisories/41740/ kdegraphics<3.5.10nb9 remote-system-access http://secunia.com/advisories/41727/ sun-j{re,dk}6<6.0.22 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html gnome-subtitles<1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357 postgresql90-plperl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql90-pltcl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-plperl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-pltcl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-plperl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-pltcl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-plperl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-pltcl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages monotone-server<0.48.1 denial-of-service http://secunia.com/advisories/41960 moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/41980/ libpurple<2.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 firefox<3.6.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 thunderbird<3.1.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 scmcvs-[0-9]* privilege-escalation http://secunia.com/advisories/cve_reference/CVE-2010-3846/ webkit-gtk<1.2.5 multiple-vulnerabilities http://secunia.com/advisories/41871/ freetype2<2.4.3nb1 buffer-overflow http://secunia.com/advisories/41738/ suse{,32}_freetype2<11.3nb2 buffer-overflow http://secunia.com/advisories/44008/ libsmi<0.4.8nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891 python26<2.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 adobe-flash-plugin<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 ns-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 firefox-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 mono<2.8.1 information-disclosure http://secunia.com/advisories/41919/ suse{,32}_freetype2<11.3nb1 arbitrary-code-execution http://secunia.com/advisories/41958/ gnucash<2.2.9nb10 privilege-escalation http://secunia.com/advisories/42048/ proftpd<1.3.3c remote-system-access http://secunia.com/advisories/42052/ PAM<1.1.3 privilege-escalation http://secunia.com/advisories/42088/ bugzilla<3.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.3<3.4.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.5<3.6.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.7<4.0rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=2.12<3.2.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.3<3.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.5<3.6.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7<4.0rc1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7.1<4.0rc1 cross-site-scripting http://secunia.com/advisories/41955/ isc-dhcpd>=4<4.0.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.1<4.1.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.2<4.2.0p1 denial-of-service http://secunia.com/advisories/42082/ acroread8-[0-9]* arbitrary-code-execution http://secunia.com/advisories/42095/ acroread9<9.4.1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb10-28.html mysql-server<5.1.52 denial-of-service http://secunia.com/advisories/42097/ cups<1.4.3nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 php>=5.3.0<5.3.3nb1 sensitive-information-exposure http://secunia.com/advisories/42135/ seamonkey<2.0.9 multiple-vulnerabilities http://secunia.com/advisories/41923/ mono<2.8nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159 wireshark<1.4.2 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2010-14.html openssl<0.9.8p remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 eclipse-[0-9]* cross-site-scripting http://secunia.com/advisories/42236/ ap{2,22}-fcgid<2.3.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 libtlen-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 horde<3.3.11 cross-site-scripting http://secunia.com/advisories/42355/ libxml2<2.7.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 openttd>=1.0.0<1.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168 RealPlayerSP>=12.0.0<14.0.1 remote-system-access http://secunia.com/advisories/42203/ xine-lib<1.1.19 arbtrary-code-execution http://secunia.com/advisories/42359/ phpmyadmin<2.11.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php mit-krb5<1.4.2nb11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324 suse{,32}_krb5<11.3nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020 wordpress<3.0.2 remote-data-manipulation http://secunia.com/advisories/42431/ clamav<0.96.5 denial-of-service http://secunia.com/advisories/42426/ openssl<0.9.8q information-disclosure http://www.openssl.org/news/secadv_20101202.txt bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 gnash<0.8.9 insecure-temp-files http://secunia.com/advisories/42416/ p5-CGI<3.50 http-response-splitting http://secunia.com/advisories/42443/ p5-CGI<3.51 http-header-injection http://secunia.com/advisories/42461/ p5-CGI-Simple<1.113 http-header-injection http://secunia.com/advisories/42460/ xenkernel3<3.1.4nb4 denial-of-service http://secunia.com/advisories/42395/ xenkernel33<3.3.2nb1 denial-of-service http://secunia.com/advisories/42395/ mit-krb5<1.4.2nb11 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 p5-IO-Socket-SSL<1.35 security-bypass http://secunia.com/advisories/42508/ ImageMagick<6.6.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167 thunderbird<3.1.7 multiple-vulnerabilities http://secunia.com/advisories/42519/ seamonkey<2.0.11 multiple-vulnerabilities http://secunia.com/advisories/42518/ firefox<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/42517/ wordpress<3.0.3 security-bypass http://secunia.com/advisories/42553/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/40165/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/41706/ suse{,32}_libxml2<11.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 RealPlayerGold<11.0.2.2315 multiple-vulnerabilities http://secunia.com/advisories/38550/ phpmyadmin<2.11.11.1nb1 ui-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480 phpmyadmin<2.11.11.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481 dbus<1.2.4.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 xulrunner<1.9.2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13 php5-intl<5.2.15.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 php53-intl<5.3.4.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 typo3<4.4.5 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ fontforge<20100501nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259 echoping-[0-9]* remote-system-access http://secunia.com/advisories/42619/ xfig<3.2.5bnb9 remote-system-access https://bugzilla.redhat.com/show_bug.cgi?id=659676 mantis<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42597/ opensc<0.11.13nb1 local-system-access http://secunia.com/advisories/42658/ pcsc-lite<1.5.5nb2 remote-system-access http://secunia.com/advisories/42659/ gitweb<1.7.3.4 cross-site-scripting http://secunia.com/advisories/42645/ opera<11.0 multiple-vulnerabilities http://secunia.com/advisories/42653/ tor<0.2.1.28 remote-system-access http://secunia.com/advisories/42536/ mhonarc<2.6.16nb1 cross-site-scripting http://secunia.com/advisories/42694/ calibre<0.7.35 multiple-vulnerabilities http://secunia.com/advisories/42689/ py{15,20,21,22,23,24,25,26,27,31}-django<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42715/ libpurple>=2.7.6<2.7.9 remote-denial-of-service http://www.pidgin.im/news/security//?id=49 libxml2<2.7.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 suse{,32}_libxml2<11.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 geeklog<1.7.1.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.7.1sr1 wordpress<3.0.4 script-insertion http://wordpress.org/news/2010/12/3-0-4-update/ vlc<1.1.6 denial-of-service http://www.videolan.org/security/sa1007.html wireshark<1.4.2nb1 denial-of-service http://secunia.com/advisories/42767/ mediawiki<1.16.1 cross-site-scripting http://secunia.com/advisories/42810/ ap{2,22}-subversion<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539 subversion-base<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543 typolight28<2.8.4nb2 cross-site-scripting http://www.contao.org/news/items/contao-2_9_3.html contao29<2.9.3 cross-site-scripting http://www.contao.org/news/items/contao-2_9_3.html php<5.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 php>=5.3.0<5.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 dpkg<1.14.31 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679 mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 mono-xsp>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 wireshark<1.4.3 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-02.html sudo<1.7.4p5 security-bypass http://www.sudo.ws/sudo/alerts/runas_group_pw.html exim<4.73 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345 asterisk<1.6.2.16.1 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html asterisk>=1.8<1.8.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html p5-Convert-UUlib<1.34 denial-of-service http://secunia.com/advisories/42998/ pango<1.28.3nb2 denial-of-service http://secunia.com/advisories/42934/ fuse>=2.0 denial-of-service http://secunia.com/advisories/42961/ maradns<1.4.06 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 dpkg<1.14.31 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402 suse{,32}_openssl<11.3nb2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 gif2png<2.5.4 remote-system-access http://secunia.com/advisories/42339/ freeradius>2<2.1.10 denial-of-service http://secunia.com/advisories/41621/ mupdf<0.7nb1 remote-system-access http://secunia.com/advisories/43020/ bugzilla<3.2.10 multiple-vulnerabilities http://secunia.com/advisories/43033/ webkit-gtk<1.2.6 multiple-vulnerabilities http://secunia.com/advisories/43086/ ruby1{8,9}-mail<2.2.15 remote-system-access http://secunia.com/advisories/43077/ opera<11.01 multiple-vulnerabilities http://secunia.com/advisories/43023/ awstats<7.0 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 isc-dhcpd<4.1.2p1 denial-of-service http://secunia.com/advisories/43006/ exim<4.74 local-privilege-escalation http://secunia.com/advisories/43101/ vlc<1.1.6nb1 remote-system-access http://www.videolan.org/security/sa1102.html moodle-[0-9]* cross-site-scripting http://secunia.com/advisories/43133/ postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539 bind>=9.5<9.6.3 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record bind>=9.7<9.7.2 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record tsclient-0.[0-9]* remote-system-access http://secunia.com/advisories/43120/ plone25-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 plone3-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 mediawiki<1.16.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047 openssl<0.9.8qnb1 denial-of-service http://www.openssl.org/news/secadv_20110208.txt ruby1{8,9}-actionpack<2.3.11 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby19-railties<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails bind<9.6 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libpurple<2.7.10 information-leak http://www.pidgin.im/news/security/?id=50 cgiirc<0.5.10 cross-site-scripting http://sourceforge.net/mailarchive/message.php?msg_id=27024589 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.5 multiple-vulnerabilities http://www.djangoproject.com/weblog/2011/feb/08/security/ adobe-flash-plugin<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html ns-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html seamonkey-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html firefox-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html wordpress<3.0.5 multiple-vulnerabilities http://wordpress.org/news/2011/02/wordpress-3-0-5/ ffmpeg<20110623.0.7.1 denial-of-service http://secunia.com/advisories/43197/ feh<1.11.2 privilege-escalation http://secunia.com/advisories/43221/ phpmyadmin<2.11.11.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986 phpmyadmin<2.11.11.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987 qemu-[0-9]* restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011 apache-tomcat<5.5.33 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=5.5.0<5.5.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 wireshark<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 apache-tomcat>=6<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 apache-tomcat>=6<6.0.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 proftpd<1.3.3d multiple-vulnerabilities http://www.proftpd.org/docs/NEWS-1.3.3d acroread9<9.4.2 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-03.html sun-jre<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449 ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448 php5-zip<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php5-exif<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php53-zip<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php53-exif<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php>=5<5.3 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages telepathy-gabble<0.11.7 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000 typo3<4.5 cross-site-request-forgery http://wiki.typo3.org/TYPO3_4.5#Security openldap-server<2.4.24 security-bypass http://secunia.com/advisories/43331/ asterisk<1.6.2.16.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html asterisk>=1.8<1.8.2.4 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html bind>=9.7.1<9.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414 t1lib<5.1.2nb2 arbitrary-code-execution http://secunia.com/advisories/43491/ evince<2.32.0nb4 buffer-overflow https://bugzilla.gnome.org/show_bug.cgi?id=640923 python24-[0-9]* sensitive-information-exposure http://secunia.com/advisories/43463/ python25<2.5.5nb2 sensitive-information-exposure http://secunia.com/advisories/43463/ python26<2.6.6nb6 sensitive-information-exposure http://secunia.com/advisories/43463/ mupdf<0.8 remote-system-access http://secunia.com/advisories/42320/ rt<3.8.9 sensitive-information-exposure http://secunia.com/advisories/43438/ suse{,32}_krb5<11.3nb2 denial-of-service http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ moodle-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43412/ mailman<2.1.14.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707 lft<3.3 unknown-impact http://secunia.com/advisories/43381/ asterisk<1.4.0 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.6<1.6.2 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003 avahi<0.6.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002 ruby18-base<1.8.7.334 remote-security-bypass http://secunia.com/advisories/43420/ ruby18-base<1.8.7.334 privilege-escalation http://secunia.com/advisories/43434/ ruby19-base<1.9.2pl180 privilege-escalation http://secunia.com/advisories/43434/ suse{,32}_base<11.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 wireshark<1.4.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713 wireshark<1.4.4 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2011-04.html moodle<1.9.11 multiple-vulnerabilities http://secunia.com/advisories/43570/ pango<1.28.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064 tor<0.2.1.30 denial-of-service http://secunia.com/advisories/43548/ firefox<3.6.14 multiple-vulnerabilities http://secunia.com/advisories/43550/ seamonkey<2.0.12 multiple-vulnerabilities http://secunia.com/advisories/43550/ thunderbird<3.1.8 multiple-vulnerabilities http://secunia.com/advisories/43586/ weechat<0.3.4 spoofing-attack http://secunia.com/advisories/43543/ ap2-subversion<1.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 moodle-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43427/ openafs<1.4.14 multiple-vulnerabilities http://secunia.com/advisories/43407/ py-moin<1.9.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058 postfix<2.7.3 command-injection http://www.kb.cert.org/vuls/id/555316 postfix>=2.8.20100000<2.8.20110115 command-injection http://www.kb.cert.org/vuls/id/555316 TeXmacs-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 hiawatha-[0-9]* multiple-vulnerabilities http://www.hiawatha-webserver.org/changelog patch-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651 tiff<3.9.4nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022 suse{,32}_libtiff<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 xulrunner<1.9.2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 unixodbc<2.3.0nb1 remote-system-access http://secunia.com/advisories/43679/ webkit-gtk<1.2.7 multiple-vulnerabilities http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS sun-{jre,jdk}6<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ nagios-base<3.3.1 cross-site-scripting http://secunia.com/advisories/43287/ libpurple<2.7.11 denial-of-service http://secunia.com/advisories/43695/ py-feedparser<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/43730/ adobe-flash-plugin<10.2.152.33 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-01.html php5-shmop<5.2.17nb1 denial-of-service http://secunia.com/advisories/cve_reference/CVE-2011-1092/ php53-shmop<5.3.6 denial-of-service http://secunia.com/advisories/cve_reference/CVE-2011-1092/ php>=5.3<5.3.6 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153 samba-3.0.[0-9]* memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.3.0<3.3.15 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.5.0<3.5.7 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html php{5,53}-pear<1.9.2 privilege-escalation http://pear.php.net/advisory-20110228.txt php{5,53}-pear<1.9.2nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144 cups<1.4.5 multiple-vulnerabilities http://www.cups.org/articles.php?L597 libzip<0.10 denial-of-service http://secunia.com/advisories/43621/ xenkernel33<3.3.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 xenkernel3<3.1.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 openslp<1.2.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675 moodle<2.0.2 multiple-vulnerabilities http://secunia.com/advisories/43570/ vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275 vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276 suse{,32}_gtk2<11.3nb3 denial-of-service http://lists.opensuse.org/opensuse-updates/2011-03/msg00019.html suse{,32}_base<11.3nb4 arbitrary-code-execution https://hermes.opensuse.org/messages/7712778 loggerhead<1.18.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728 python23-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python24-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python25<2.5.5nb3 sensitive-information-disclosure http://secunia.com/advisories/43831/ python26<2.6.6nb7 sensitive-information-disclosure http://secunia.com/advisories/43831/ python27<2.7.1nb1 sensitive-information-disclosure http://secunia.com/advisories/43831/ tiff<3.9.4nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 suse{,32}_openssl<11.3nb3 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 fengoffice<1.7.5 cross-site-scripting http://secunia.com/advisories/43912/ xmlsec1<1.2.17 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425 gdm>=2.28.0<2.32.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727 suse{,32}_krb5<11.3nb3 arbitrary-code-execution http://secunia.com/advisories/44027/ xymon<4.3.2 cross-site-scripting http://secunia.com/advisories/44036/ perl<5.12.2nb2 remote-security-bypass http://secunia.com/advisories/43921/ erlang<14.1.2 remote-system-access http://secunia.com/advisories/43898/ pure-ftpd<1.0.30 remote-data-manipulation http://secunia.com/advisories/43988/ ruby1{8,9}-rack<1.1.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-rack>=1.2.0<1.2.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-actionpack>=3.0<3.0.6 cross-site-scripting http://weblog.rubyonrails.org/2011/4/6/rails-3-0-6-has-been-released xrdb<1.0.9 privilege-escalation http://secunia.com/advisories/44040/ libvpx<0.9.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489 isc-dhclient<4.2.1p1 remote-system-access http://secunia.com/advisories/44037/ libmodplug<0.8.8.2 remote-system-access http://secunia.com/advisories/44054/ roundcube<0.5.1 remote-security-bypass http://secunia.com/advisories/44050/ rsync<3.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097 wordpress<3.1.1 multiple-vulnerabilities http://secunia.com/advisories/44038/ suse{,32}_gtk2<11.3nb2 local-security-bypass http://secunia.com/advisories/43933/ dhcpcd<5.2.12 remote-system-access http://secunia.com/advisories/44070/ tinyproxy<1.8.3 remote-security-bypass http://secunia.com/advisories/43948/ ikiwiki<3.20110328 script-insertion http://secunia.com/advisories/44137/ kdelibs4<4.5.5nb2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168 xulrunner<1.9.2.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html firefox<3.6.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html vlc<1.1.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684 mediawiki<1.16.3 multiple-vulnerabilities http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html mediawiki<1.16.4 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000097.html mediawiki<1.16.5 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html mit-krb5<1.8.3nb5 denial-of-service http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-004.txt vsftpd<2.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762 php<5.3.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 opera-[0-9]* denial-of-service http://www.securityfocus.com/bid/46872 rt3<1.8.11 multiple-vulnerablities http://secunia.com/advisories/44189/ wireshark<1.4.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-06.html adobe-flash-plugin<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 ns-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 seamonkey-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 firefox-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 kdenetwork4<4.5.5nb3 remote-system-access http://secunia.com/advisories/44124/ xfce4-thunar-[0-9]* remote-system-access http://secunia.com/advisories/44104/ p5-Jifty-DBI<0.68 remote-data-manipulation http://secunia.com/advisories/44224/ p5-Mojolicious<1.16 sensitive-information-exposure http://secunia.com/advisories/44051/ rdesktop<1.7.0 remote-system-access http://secunia.com/advisories/44200/ webmin<1.550 privilege-escalation http://secunia.com/advisories/44263/ wordpress<3.1.2 remote-security-bypass http://secunia.com/advisories/44372/ suse{,32}_base-[0-9]* arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1071.html suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659 php>=5.3 arbitrary-code-execution http://secunia.com/advisories/44335/ ffmpeg<20110626.0.6.3 denial-of-service http://secunia.com/advisories/44378/ xulrunner<1.9.2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox<3.6.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox>=4<4.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 seamonkey<2.0.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14 thunderbird<3.1.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10 xulrunner>2<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 bind>=9.8.0<9.8.0pl1 denial-of-service https://www.isc.org/CVE-2011-1907 mysql-server<5.0.91 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html mysql-server<5.0.92 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html mysql-server<5.0.93 denial-of-service http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html postfix<2.8.3 denial-of-service http://www.postfix.org/CVE-2011-1720.html ampache-[0-9]* cross-site-scripting http://secunia.com/advisories/44497/ xentools33<3.3.2nb7 multiple-vulnerabilities http://secunia.com/advisories/44502/ xentools41<4.1.0nb4 multiple-vulnerabilities http://secunia.com/advisories/44502/ suse{,32}_gtk2<11.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 exim<4.76 remote-system-access http://secunia.com/advisories/44467/ php<5.1.3 multiple-vulnerabilities http://secunia.com/advisories/18694/ wordpress<3.1.3 remote-system-access http://secunia.com/advisories/44409/ apr<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 apache>=2.0<2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 asterisk-[0-9] sensitive-information-exposure http://secunia.com/advisories/44452/ openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/ horde>=4<4.0.2 multiple-vulnerabilities http://secunia.com/advisories/44408/ simgear-[0-9] denial-of-service http://secunia.com/advisories/44434/ vino<2.28.3 denial-of-service http://secunia.com/advisories/44463/ libmodplug<0.8.8.3 remote-system-access http://secunia.com/advisories/44388/ cyrus-imapd<2.3.16nb4 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 cyrus-imapd>=2.4<2.4.7 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 adobe-flash-plugin<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ ns-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ seamonkey-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ firefox-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ tor<0.2.1.29 multiple-vulnerabilities http://secunia.com/advisories/42907/ openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 p5-Jifty-DBI<0.68 sql-injection http://cpansearch.perl.org/src/SARTAK/Jifty-DBI-0.68/Changes p5-libwww<6.00 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633 dovecot<1.2.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 dovecot>=2<2.0.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 viewvc<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024 apr<1.4.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 apache>=2.0<2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 openssl<0.9.8qnb3 sensitive-information-exposure http://secunia.com/advisories/44572/ opera<11.11 arbitrary-code-execution http://secunia.com/advisories/44611/ moodle<2.0.3 multiple-vulnerabilities http://secunia.com/advisories/44630/ qemu-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751 php53-pdo_mysql<5.3.6 sql-injection http://bugs.php.net/bug.php?id=47802 php5-pdo_mysql-[0-9]* sql-injection http://bugs.php.net/bug.php?id=47802 dirmngr<1.1.0nb2 denial-of-service http://secunia.com/advisories/44680/ bind<9.6.3.1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.7.0<9.7.3pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.8.0<9.8.0pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 drupal<6.21 multiple-vulnerabilities http://drupal.org/node/1168756 ruby18-base<1.8.7.334nb3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml fetchmail<6.3.20 denial-of-service http://www.fetchmail.info/fetchmail-SA-2011-01.txt wireshark<1.4.7 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-08.html ejabberd<2.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753 jabberd<1.4.2nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754 jabberd>=2<2.2.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755 libxml2<2.7.8nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 ap{2,22}-subversion<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1752-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1783-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1921-advisory.txt unbound<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008 cherokee-[0-9]* cross-site-request-forgery http://secunia.com/advisories/44821/ asterisk>=1.8<1.8.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216 adobe-flash-plugin<10.3.181.22 cross-site-scripting http://www.adobe.com/support/security/bulletins/apsb11-13.html lua-expat<1.2.0 denial-of-service http://secunia.com/advisories/44866/ prosody<0.8.1 denial-of-service http://secunia.com/advisories/44852/ sun-{jre,jdk}6<6.0.26 multiple-vulnerabilities http://secunia.com/advisories/44784/ p5-Data-FormValidator-[0-9]* sensitive-information-exposure http://secunia.com/advisories/44832/ ruby1{8,9}-actionpack>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk<1.6.2.17.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk>=1.8<1.8.3.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk<1.6.2.17.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.3.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.4.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-007.html tiff<3.9.5 multiple-vulnerabilities http://www.remotesensing.org/libtiff/v3.9.5.html dbus<1.2.4.6nb4 denial-of-service http://secunia.com/advisories/44896/ open-vm-tools-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43798/ vte<0.26.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198 php<5.2.17nb4 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 php>=5.3<5.3.6nb2 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 vlc<1.1.10 remote-system-access http://secunia.com/advisories/44412/ png>=1.2.23<1.5.3rc02 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 perl<5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761 erlang<14.1.3 denial-of-service http://www.erlang.org/download/otp_src_R14B03.readme php<5.2.17nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 php>=5.3<5.3.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 adobe-flash-plugin<10.3.181.26 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb11-18.html suse{,32}_openssl<11.3nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2011-1945.html tomboy<1.2.1nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005 opera<11.50 denial-of-service http://www.securityfocus.com/bid/48262 ruby1{8,9}-actionpack<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ fabric<1.1.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185 firefox>=4<5.0 sensitive-information-exposure http://secunia.com/advisories/44972/ groff<1.20.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044 postgresql84-pgcrypto<8.4.9 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 postgresql90-pgcrypto<9.0.5 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 php>=5.3<5.3.6nb4 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 john<1.7.6nb1 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 firefox<3.6.18 multiple-vulnerabilities http://secunia.com/advisories/44982/ thunderbird<3.1.11 multiple-vulnerabilities http://secunia.com/advisories/44982/ libreoffice3-bin<3.3.3 arbitrary-code-execution http://www.kb.cert.org/vuls/id/953183 asterisk>=1.6<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-009.html asterisk>=1.6.2.15<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html curl>=7.10.6<7.21.7 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 suse{,32}_libcurl-[0-9]* spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 pidgin<2.9.0 denial-of-service http://www.pidgin.im/news/security/?id=52 seamonkey<2.2 sensitive-information-exposure http://secunia.com/advisories/45007/ apache-tomcat>=5.5<5.5.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 apache-tomcat>=6<6.0.33 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 opera<11.50 multiple-vulnerabilities http://secunia.com/advisories/45060/ plone3-[0-9]* privilege-escalation http://plone.org/products/plone/security/advisories/20110622 drupal-5.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<3.1.4 remote-security-bypass http://secunia.com/advisories/45099/ wireshark<1.4.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-09.html asterisk>=1.6.2<1.6.2.18.2 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html asterisk>=1.8<1.8.4.4 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html amaya<11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005 {firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.4pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.7.0<9.7.3pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2465 mit-krb5-appl<1.0.1nb1 remote-system-access http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-005.txt qemu-[0-9]* privilege-escalation http://secunia.com/advisories/45187/ xml-security-c<1.6.1 denial-of-service http://secunia.com/advisories/45151/ zope210<2.10.13 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 zope211<2.11.8 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 freetype2<2.4.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226 suse{,32}_freetype2<11.3nb3 remote-system-access http://support.novell.com/security/cve/CVE-2011-0226.html squirrelmail<1.4.22 multiple-vulnerabilities http://secunia.com/advisories/45197/ libsndfile<1.0.24nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588 apache-tomcat<5.5.34 denial-of-service http://secunia.com/advisories/45232/ apache-tomcat>=6<6.0.33 denial-of-service http://secunia.com/advisories/45232/ foomatic-filters>=4<4.0.6nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 foomatic-filters<4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 ioquake3-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 phpmyadmin<3 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97.2 denial-of-service http://secunia.com/advisories/45382/ kdeutils-[0-9]* directory-traversal http://secunia.com/advisories/45378/ freeradius-2.1.11 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701 opensaml<2.4.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411 mutt-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429 sun-{jre,jdk}6-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/ openjdk7{,-bin}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/ suse{,32}_libxml2<11.3nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1944.html samba<3.3.16 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba<3.3.16 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html samba>=3.5.0<3.5.10 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba>=3.5.0<3.5.10 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html libsoup24<2.34.2nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524 suse{,32}_base<11.3nb5 remote-system-access http://lists.opensuse.org/opensuse-updates/2011-07/msg00041.html mapserver<5.6.7 remote-system-access http://secunia.com/advisories/45257/ libmodplug<0.8.8.4 remote-system-access http://secunia.com/advisories/45131/ bugzilla<3.4 eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.4.11 multiple-vulnerabilities http://secunia.com/advisories/45501/ suse{,32}_gtk2<11.3nb5 denial-of-service http://secunia.com/advisories/45308/ gdk-pixbuf<0.22.0nb15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897 typo3<4.5.4 multiple-vulnerabilities http://secunia.com/advisories/45557/ moodle<2.1.1 remote-security-bypass http://secunia.com/advisories/45487/ ffmpeg<20110907.0.7.4 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html mplayer-[0-9]* arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html libXfont<1.4.4 privilege-escalation http://secunia.com/advisories/45544/ adobe-flash-plugin<10.3.183.5 remote-system-access http://www.adobe.com/support/security/bulletins/apsb11-21.html isc-dhcpd<4.2.2 denial-of-service http://secunia.com/advisories/45582/ mplayer-[0-9]* buffer-overflow http://secunia.com/advisories/45598/ gimp-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 stunnel<4.42 remote-code-execution http://stunnel.org/?page=sdf_ChangeLog thunderbird<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-31.html firefox{,-bin}<3.6.20 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-30.html firefox{,-bin}>=4<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-29.html seamonkey{,-bin}<2.3 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-33.html libpurple<2.10.0 multiple-vulnerabilities http://pidgin.im/news/security/ pidgin<2.10.0 unsafe-file-execution http://pidgin.im/news/security/?id=55 suse{,32}_libpng<11.3nb2 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2011-08/msg00026.html gdk-pixbuf2<2.22.1nb3 deinal-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 roundcube<0.5.4 cross-site-scripting http://secunia.com/advisories/45605/ php-5.3.7 remote-security-bypass http://secunia.com/advisories/45678/ ruby1{8,9}-actionpack>=3.0<3.0.10 remove-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929 ruby1{8,9}-activerecord>=3.0<3.0.10 remove-sql-injunction http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-activerecord<2.3.14 remove-sql-injunction http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby1{8,9}-actionpack<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby18-activesupport>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby18-activesupport<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby1{8,9}-actionpack<2.3.14 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186 apache>=2.0<2.0.65 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 apache>=2.2<2.2.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 RealPlayerGold-[0-9]* eol ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin>=3.3.0<3.4.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php cups<1.4.7 arbtrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 cups<1.4.8nb1 arbtrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170 squid>=3.0<3.1.15 remote-system-access http://www.squid-cache.org/Advisories/SQUID-2011_3.txt apache-tomcat<5.5.34 remove-security-bypass http://secunia.com/advisories/45748/ apache-tomcat>=6<6.0.34 remove-security-bypass http://secunia.com/advisories/45748/ opera<11.51 multiple-vulnerabilities http://secunia.com/advisories/45791/ xenkernel33<3.3.2nb8 denial-of-ervice http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel3<3.1.4nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/45622/ openttd<1.1.3 multiple-vulnerabilities http://secunia.com/advisories/45832/ mantis<1.2.8 multiple-vulnerabilities http://secunia.com/advisories/45829/ firefox<6.0.1 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox36<3.6.21 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html thunderbird<3.1.13 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html seamonkey<2.3.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox<6.0.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html firefox36<3.6.22 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html thunderbird<3.1.14 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html seamonkey<2.3.3 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html openssl<1.0.0e denial-of-service http://www.openssl.org/news/secadv_20110906.txt wireshark<1.6.2 multiple-vulnerabilities http://web.nvd.nist.gov/view/vuln/detail?vulnId=2011-3266 librsvg<2.34.1 denial-of-service http://secunia.com/advisories/45877/ cyrus-imapd>=2.2<2.3.17 buffer-overflow http://secunia.com/advisories/45938/ cyrus-imapd>=2.4<2.4.11 buffer-overflow http://secunia.com/advisories/45938/ p5-FCGI>=0.70<0.74 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html apache<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 typo3<4.5.6 sql-injection http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/ typo3<4.5.6 denial-of-service http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/ phpmyadmin>=3.4.0<3.4.5 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php evolution-data-server<3.1.1 remote-information-exposure http://secunia.com/advisories/45941/ openvas-server-[0-9]* local-privilege-escalation http://secunia.com/advisories/45836/ acroread9<9.4.6 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-24.html swi-prolog-packages<5.11.26 arbtrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 firefox<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 firefox36<3.6.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23 thunderbird<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7 seamonkey<2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4 quagga<0.99.19 denial-of-service http://secunia.com/advisories/46139/