This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2006-12-31
Product Ubuntu Linux Last view 2016-12-16
Version 7.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2016-12-16 CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

7.8 2016-12-16 CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.8 2016-11-27 CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

7.8 2008-09-24 CVE-2008-4068

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.

4.3 2008-09-24 CVE-2008-4065

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before execution, aka "Stripped BOM characters bug."

9.3 2008-09-24 CVE-2008-4063

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.

10 2008-09-24 CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.

10 2008-09-24 CVE-2008-4061

Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.

7.5 2008-09-24 CVE-2008-4058

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

9.3 2008-09-24 CVE-2008-3837

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.

2.1 2008-08-08 CVE-2008-3272

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.

7.8 2008-07-09 CVE-2008-2931

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

7.8 2008-06-24 CVE-2008-2726

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

7.8 2008-06-24 CVE-2008-2725

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

7.8 2008-06-24 CVE-2008-2664

The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

10 2008-06-24 CVE-2008-2663

Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.

10 2008-06-24 CVE-2008-2662

Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.

5 2008-06-23 CVE-2008-2829

php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function.

7.8 2008-05-16 CVE-2008-2136

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

9.3 2008-03-06 CVE-2008-1195

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.

7.5 2008-01-10 CVE-2008-0226

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.

4 2008-01-09 CVE-2007-4772

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

4.3 2007-10-08 CVE-2007-5268

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

6.9 2007-09-21 CVE-2007-5023

Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.

5.5 2007-09-21 CVE-2007-4497

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.

CWE : Common Weakness Enumeration

%idName
18% (6) CWE-189 Numeric Errors
15% (5) CWE-399 Resource Management Errors
15% (5) CWE-264 Permissions, Privileges, and Access Controls
15% (5) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
6% (2) CWE-20 Improper Input Validation
3% (1) CWE-269 Improper Privilege Management
3% (1) CWE-254 Security Features
3% (1) CWE-200 Information Exposure
3% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
3% (1) CWE-190 Integer Overflow or Wraparound
3% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
3% (1) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
3% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

SAINT Exploits

Description Link
Ubuntu overlayfs privilege elevation More info here
MySQL yaSSL SSL Hello message buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
48769 Mozilla Multiple Products resource URI Traversal Access Restriction Bypass
48768 Mozilla Multiple Products window.moveBy Crafted onmousedown drag-and-drop Act...
48764 Mozilla Firefox nsFrameList::SortByContentOrder Function Memory Corruption
48763 Mozilla Firefox indic IME Extension Memory Corruption
48762 Mozilla Firefox nsContentList::Item Function this Variable Memory Corruption
48760 Mozilla Multiple Products Stripped BOM Character XSS
48759 Mozilla Multiple Products MathML Component rowspan Attribute Handling Memory ...
48751 Mozilla Multiple Products nsJSNPRuntime.cpp nsNPObjWrapper::GetNewOrUsed Func...
48750 Mozilla Multiple Products nsEscape.cpp nsEscapeCount Function Memory Corruption
48749 Mozilla Multiple Products jsxml.c Namespace / Qname Characteristic Handling M...
48746 Mozilla Multiple Products XPCNativeWrappers Pollution Arbitrary Code Execution
47362 Linux Kernel snd_seq_oss_synth_make_info() Function Local Information Disclosure
47001 Linux Kernel fs/namespace.c do_change_type Function Mountpoint Manipulation L...
46641 PHP php_imap.c Obsolete API Crafted IMAP Request Overflow DoS
46554 Ruby rb_ary_splice Function Overflow (beg + rlen)
46553 Ruby rb_ary_splice Function REALLOC_N Overflow
46552 Ruby rb_str_format Function Unspecified Memory Corruption
46551 Ruby rb_ary_store Function Multiple Overflows
46550 Ruby rb_str_buf_append Function Multiple Overflows
45421 Linux Kernel net/ipv6/sit.c ipip6_rcv function Simple Internet Transition Tun...
43180 MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
42601 Sun Java JRE JavaScript Arbitrary Java API Access
41935 yaSSL hash.cpp HASHwithTransform::Update Function Remote Overflow
41196 yaSSL yassl_imp.cpp input_buffer& operator>> Remote Overflow
41195 yaSSL handshake.cpp ProcessOldClientHello Function Remote Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-21 Name : PHP version smaller than 4.4.8
File : nvt/nopsec_php_4_4_8.nasl
2012-06-21 Name : PHP version smaller than 5.2.7
File : nvt/nopsec_php_5_2_7.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386
File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl
2010-05-28 Name : Java for Mac OS X 10.5 Update 2
File : nvt/macosx_java_for_10_5_upd_2.nasl
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003
File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl
2010-05-12 Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-22 Name : HP-UX Update for Apache-based Web Server HPSBUX02465
File : nvt/gb_hp_ux_HPSBUX02465.nasl
2009-10-13 Name : SLES10: Security update for MozillaFirefox
File : nvt/sles10_MozillaFirefox4.nasl
2009-10-13 Name : SLES10: Security update for Mozilla
File : nvt/sles10_gecko-sdk.nasl
2009-10-13 Name : SLES10: Security update for IBM Java 1.4.2
File : nvt/sles10_java-1_4_2-ibm3.nasl
2009-10-13 Name : SLES10: Security update for Sun Java
File : nvt/sles10_java-1_4_2-sun1.nasl
2009-10-13 Name : SLES10: Security update for IBM Java 1.5.0
File : nvt/sles10_java-1_5_0-ibm4.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel0.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel3.nasl
2009-10-13 Name : SLES10: Security update for Linux Kernel (x86)
File : nvt/sles10_kernel7.nasl
2009-10-13 Name : SLES10: Security update for epiphany
File : nvt/sles10_mozilla-xulrunn.nasl
2009-10-13 Name : SLES10: Security update for MySQL
File : nvt/sles10_mysql1.nasl
2009-10-13 Name : SLES10: Security update for PostgreSQL
File : nvt/sles10_postgresql1.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5012110.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015662.nasl
2009-10-10 Name : SLES9: Security update for postgresql
File : nvt/sles9p5021809.nasl
2009-10-10 Name : SLES9: Security update for MySQL
File : nvt/sles9p5021882.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2009-A-0105 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0021867

Snort® IPS/IDS

Date Description
2014-01-10 IPv6 packets encapsulated in IPv4
RuleID : 8446 - Type : POLICY-OTHER - Revision : 8
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2017-08-29 Mozilla Firefox BOM character cross site scripting attempt
RuleID : 43749 - Type : BROWSER-FIREFOX - Revision : 2
2017-08-29 Mozilla Firefox BOM character cross site scripting attempt
RuleID : 43748 - Type : BROWSER-FIREFOX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41041 - Type : OS-LINUX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41040 - Type : OS-LINUX - Revision : 2
2014-01-10 DECODE_IPV6_TUNNELED_IPV4_TRUNCATED
RuleID : 291 - Type : DECODE_IPV6_TUNNELED_IPV4_TRUNCATED - Revision : 1
2014-01-10 yaSSL SSL Hello Message Buffer Overflow attempt
RuleID : 18513 - Type : SERVER-MYSQL - Revision : 13
2014-01-10 yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt
RuleID : 13714 - Type : SERVER-MYSQL - Revision : 16
2014-01-10 yaSSL SSLv2 Client Hello Message Challenge Buffer Overflow attempt
RuleID : 13713 - Type : MYSQL - Revision : 9
2014-01-10 yaSSL SSLv2 Client Hello Message Session ID Buffer Overflow attempt
RuleID : 13712 - Type : MYSQL - Revision : 9
2014-01-10 yaSSL SSLv2 Client Hello Message Cipher Length Buffer Overflow attempt
RuleID : 13711 - Type : MYSQL - Revision : 9
2014-01-10 yaSSL SSL Hello Message Buffer Overflow attempt
RuleID : 13593 - Type : MYSQL - Revision : 7

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-12-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3157-1.nasl - Type: ACT_GATHER_INFO
2016-03-08 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0677-1.nasl - Type: ACT_GATHER_INFO
2016-03-03 Name: The remote host is missing a security-related patch.
File: vmware_VMSA-2009-0014_remote.nasl - Type: ACT_GATHER_INFO
2016-02-26 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-271.nasl - Type: ACT_GATHER_INFO
2016-02-25 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0555-1.nasl - Type: ACT_GATHER_INFO
2016-02-24 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-253.nasl - Type: ACT_GATHER_INFO
2016-02-23 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0539-1.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-2.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2645-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2647-1.nasl - Type: ACT_GATHER_INFO
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-11.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2008-2005.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2008-2006.nasl - Type: ACT_GATHER_INFO
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL7859.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0336.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0347.nasl - Type: ACT_GATHER_INFO