Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27
Gentoo Linux Security Advisory 201311-10 - Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions prior to 1.3.18 are affected.
e0c124eaa158477a4b9518946b776b08c9ff20ff126ef0c29d0bd17f28158e99
Mandriva Linux Security Advisory 2010-105 - This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes for integer and heap-based buffer overflows.
21015d7a02c53ac1cda3b26e69b2cb6288649ac2452dfda2872e6ca061ee6aae
Mandriva Linux Security Advisory 2010-091 - This update provides a new OpenOffice.org version 3.1.1. An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing. A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file. Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file. OpenOffice's xmlsec uses a bundled Libtool which might load.la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.
8d9c5f17ff17abb01c346325d44694318ba9b0991da8314b424d66dd738fe7f5
Mandriva Linux Security Advisory 2010-075 - OpenOffice's xmlsec uses a bundled Libtool which might load .la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.
23ab26a558f6ee10fc5753b67472cba4b55f9540928eebeb46b588ba97cdd500
Mandriva Linux Security Advisory 2010-056 - This update provides the OpenOffice.org 3.0 major version and holds multiple security updates relating to integer and heap buffer overflows.
74b7eb99fa9e572af2880279fa7eb4f4842de76630658a18025413b76abcd582
Mandriva Linux Security Advisory 2010-035 - This updates provides a new OpenOffice.org version 3.1.1. It provides various security and bug fixes.
15452c2e00718b55e66bf276cc3026e3e54a4cf7060996539f34030036aab8a2
Debian Linux Security Advisory 1958-1 - It was discovered that ltdl, a system-independent dlopen wrapper for GNU libtool, can be tricked to load and run modules from an arbitrary directory, which might be used to execute arbitrary code with the privileges of the user running an application that uses libltdl.
a246902f67119b2e35ce0cdb38a394e8d2b74d0bc2b10c3027159836041baba8
Mandriva Linux Security Advisory 2009-307 - All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code. This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitations of this issue. Packages for 2008.0 are being provided due to extended support for Corporate products.
4580c92414af51f50419a02aaa9359af1aa6ac28ffdd133be1a228a8a100e457
Mandriva Linux Security Advisory 2009-318 - Multiple security vulnerabilities has been identified and fixed A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification. All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code. Packages for 2008.0 are being provided due to extended support for Corporate products. This update fixes this vulnerability.
57180189922a60fc6fb2be31e076999decbc3545b198b5eaa2ef09248026f28a
Mandriva Linux Security Advisory 2009-307 - All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code. This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitations of this issue.
6c3e5ccdc7414fb4d4e6692818c8d281fa7ac0bbdff3d1e65a37dd79454965f7