Package: foobar Version: FILLINAFFECTEDVERSION Severity: FILLINSEVERITY Tags: security
Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for foobar. CVE-2006-4511[0]: | Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows | remote attackers to cause a denial of service (crash) via a crafted | HTTP POST request to TCP port 8300 with a modified val parameter, | which triggers a null dereference related to "zero-size strings in | blowfish routines." CVE-2006-4512[1]: | ** RESERVED ** | This candidate has been reserved by an organization or individual that | will use it when announcing a new security problem. When the | candidate has been publicized, the details for this candidate will be | provided. CVE-2006-4513[2]: | Multiple integer overflows in the WV library in wvWare (formerly | mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly | other products, allow user-assisted remote attackers to execute | arbitrary code via a crafted Microsoft Word (DOC) file that produces | (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a | large LFO nolfo value in the wvGetFLO_PLF function. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4511 http://security-tracker.debian.net/tracker/CVE-2006-4511 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4512 http://security-tracker.debian.net/tracker/CVE-2006-4512 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 http://security-tracker.debian.net/tracker/CVE-2006-4513 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
