Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo: 201207-08 Normal: Gnash Multiple Threats Including DoS

Multiple vulnerabilities have been found in Gnash which could result in execution of arbitrary code, Denial of Service, or information disclosure. [More...]. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201207-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Gnash: Multiple vulnerabilities Date: July 09, 2012 Bugs: #391283, #408209 ID: 201207-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in Gnash which could result in execution of arbitrary code, Denial of Service, or information disclosure. Background ========= Gnash is a GNU flash movie player that supports many SWF features. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-plugins/gnash < 0.8.10-r2 > = 0.8.10-r2 Description ========== Multiple vulnerabilities have been found in Gnash: * The "nsPluginInstance::setupCookies()" function in plugin.cpp creates world-readable cookies with predictable file names (CVE-2011-4328). * The "GnashImage::size()" function in GnashImage.h contains an integer overflow error which could cause a heap-based buffer overflow (CVE-2012-1175). Impact ===== A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a local attacker may be able to obtain sensitive information. Workaround ========= There is no known workaround at this time. Resolution ========= All Gnash users should upgradeto the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =www-plugins/gnash-0.8.10-r2" References ========= [ 1 ] CVE-2011-4328 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4328 [ 2 ] CVE-2012-1175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1175 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201207-08 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Various vulnerabilities in Gnash may result in arbitrary code execution, denial of service, or exposure of sensitive information. It is advised to perform an upgrade.. Gentoo Linux,Gnash vulnerabilities,code execution risk. . LinuxSecurity.com Team

Calendar 2 Jul 09, 2012 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryinformation leakbuffer overflow

Debian: DSA-2435-1 Moderate Severity: Gnash Local Attack Vulnerability

Several vulnerabilities have been identified in Gnash, the GNU Flash player. CVE-2012-1175 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-2435-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Gabriele Giacone March 19, 2012 http://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : gnash Vulnerability : several Problem type : local / local (remote) Debian-specific: no CVE ID : CVE-2010-4337 CVE-2011-4328 CVE-2012-1175 Debian Bug : 605419 649384 664023 Several vulnerabilities have been identified in Gnash, the GNU Flash player. CVE-2012-1175 Tielei Wang from Georgia Tech Information Security Center discovered a vulnerability in GNU Gnash which is caused due to an integer overflow error and can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted SWF file. CVE-2011-4328 Alexander Kurtz discovered an unsafe management of HTTP cookies. Cookie files are stored under /tmp and have predictable names, vulnerability that allows a local attacker to overwrite arbitrary files the users has write permissions for, and are also world-readable which may cause information leak. CVE-2010-4337 Jakub Wilk discovered an unsafe management of temporary files during the build process. Files are stored under /tmp and have predictable names, vulnerability that allows a local attacker to overwrite arbitrary files the users has write permissions for. For the stable distribution (squeeze), this problem has been fixed in version 0.8.8-5+squeeze1. For the unstable distribution (sid), this problem has been fixed in version 0.8.10-5. We recommend that you upgrade your gnash packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequentlyasked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Several vulnerabilities in Gnash Flash player necessitate urgent patches to mitigate exploitation threats and avert possible data breaches.. Debian Security Advisory, Gnash Update, Flash Player Issues. . LinuxSecurity.com Team

Calendar 2 Mar 20, 2012 Debian
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here