===
Ubuntu Security Notice USN-972-1 August 17, 2010
freetype vulnerabilities
CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806,
CVE-2010-2807, CVE-2010-2808
===
A se
===
Ubuntu Security Notice USN-973-1 August 17, 2010
koffice vulnerabilities
CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,
CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
CVE-2009-1180, CVE-2009-1181, CVE-2
Debian Security Advisory DSA-2092-1 secur...@debian.org
http://www.debian.org/security/ Sébastien Delafond
Aug 17th, 2010
Hi,
This may be of some interest to people on the list:
http://lcamtuf.blogspot.com/2010/08/on-designing-uis-for-non-robots.html
In general, there is a class of UI design problems that trace back to
the failure to account for the inherent limitations of human
cognition; the specific example expl
# Exploit Title: Triologic Media Player 8 (.m3u) Local Universal Unicode Buffer Overflow [SEH]
# Date: August 17, 2010
# Author: Glafkos Charalambous (glafk...@]astalavista[dot]com)
# Software Link: http://download.cnet.com/Triologic-Media-Player/3000-2139_4-10691520.html
# Version: 8
# Test
CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Apache CouchDB 0.8.0 to 0.11.0
Description:
Apache CouchDB versions prior to version 0.11.1 are vulnerable to
cross site request forgery (CSRF) attacks.
OVERVIEW:
A vulnerability was found in all recent Windows operating systems. The
attack allows a malicious user to physically log in on a target host in a
Kerberos-based network, under the assumption that he knows a valid user
principal and has the ability to manipulate network traffic. Our research