object/oriented programming language
Multiple integer overflows in Python have an unspecified impact.
Background
==========
Python is an interpreted, interactive, object-oriented programming
language.
Affected packages
=================
execution of arbitrary code.
Background
==========
Python is an interpreted, interactive, object-oriented programming
language.
Affected packages
=================
attacks including arbitrary code execution and Denial of Service.
Background
==========
Ruby is an interpreted object-oriented programming language. The
elaborate standard library includes an HTTP server ("WEBrick") and a
class for XML parsing ("REXML").
Affected packages
=================
arbitrary code.
Background
==========
Python is an interpreted, interactive, object-oriented programming
language.
Affected packages
=================
Multiple integer overflows may allow for Denial of Service.
Background
==========
Python is an interpreted, interactive, object-oriented programming
language.
Affected packages
=================
Background
==========
Ruby is an interpreted scripting language for quick and easy
object-oriented programming. It comes bundled with an HTTP server
("WEBrick").
Affected packages
=================
Denial of Service.
Background
==========
Python is an interpreted, interactive, object-oriented programming
language.
Affected packages
=================
cause a Denial of Service attack.
Background
==========
Ruby is an interpreted object-oriented programming language. The
elaborate standard library includes the "BigDecimal" class.
Affected packages
=================
-------------------------
Invision Power Board (IPB) is a professional forum system that has been built
from the ground up with speed and security in mind, taking advantage of object
oriented code, highly-optimized SQL queries, and the fast PHP engine. A
comprehensive administration control panel is included to help you keep your
board running smoothly. Moderators will also enjoy the full range of options
available to them via built-in tools and moderators control panel.
attackers to read and write arbitrary files.
Background
==========
CherryPy is a Python-based, object-oriented web development framework.
Affected packages
=================
-------------------------------------------------------------------
Vulnerability : programming error
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2007-5162 CVE-2007-5770
Several vulnerabilities have been discovered in Ruby, an object-oriented
scripting language. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2007-5162
Vulnerability : programming error
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2007-5162 CVE-2007-5770
Several vulnerabilities have been discovered in Ruby, an object-oriented
scripting language. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2007-5162
I. BACKGROUND
QuickTime is Apple's media player product, and is used to render video
and other media. The PICT file format was developed by Apple Inc. in
1984. PICT files can contain both object oriented images and bitmaps.
For more information visit the vendor's web site at the following URL.
http://www.apple.com/quicktime/
II. DESCRIPTION
CVE Name: N/A
3. *Vulnerability Description*
eFront [1] is an easy-to-use, open source and object-oriented
multilingual eLearning platform that can be used to build learning
communities, educate and retain the end-users.
eFront is vulnerable to a local file inclusion vulnerability, which
allows an external remote attacker to upload an arbitrary file and
The winappdbg Python module allows developers to quickly code
instrumentation scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and
provides an object-oriented abstraction layer to manipulate threads,
libraries and processes, attach your script as a debugger, trace
execution, hook API calls, handle events in your debuggee and set
breakpoints of different kinds (code, hardware and memory).
Additionally it has no native code at all, making it easier to
maintain or modify than other debuggers on Windows.
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-0252
It was discovered that a directory traversal vulnerability in CherryPy,
a pythonic, object-oriented web development framework, may lead to denial
of service by deleting files through malicious session IDs in cookies.
For the stable distribution (etch), this problem has been fixed in
version 2.2.1-3etch1.
***********************************************************************
Summary
Metrica Service Assurance Framework implements a distributed,
object-oriented, J2EE-based architecture. It works with Web-based
user interfaces, from end-user report generation to detailed system
administration and configuration.
***********************************************************************
Discovered by Martin Barbella <barbella@sas.upenn.edu>
Description of Vulnerability:
-----------------------------
JpGraph is an object oriented library for PHP that can be used to create
various types of graphs which also contains support for client side
image maps.
The GetURLArguments function of JpGraph's Graph class does not
properly sanitize the names of GET and POST variables, leading to a
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate threads, libraries and
processes, attach your script as a debugger, trace execution, hook API calls,
handle events in your debuggee and set breakpoints of different kinds (code,
The WinAppDbg Python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate threads, libraries and
processes, attach your script as a debugger, trace execution, hook API calls,
handle events in your debuggee and set breakpoints of different kinds (code,
hardware and memory). Additionally it has no native code at all, making it
easier to maintain or modify than other debuggers on Windows.
Jared
>
> It uses ctypes to wrap many Win32 API calls related to debugging, and provides
> an object-oriented abstraction layer to manipulate threads, libraries and
> processes, attach your script as a debugger, trace execution, hook API calls,
> handle events in your debuggee and set breakpoints of different kinds (code,
> hardware and memory). Additionally it has no native code at all, making it
> easier to maintain or modify than other debuggers on Windows.
>
I. Background
The FreeBSD kernel provides support for a variety of different types of
communications sockets, including IPv4, IPv6, ISDN, ATM, routing protocol,
link-layer, netgraph(4), and bluetooth sockets. As an early form of
object-oriented design, much of the functionality specific to different
types of sockets is abstracted via function pointers.
II. Problem Description
Some function pointers for netgraph and bluetooth sockets are not
Vulnerability : programming error
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2007-5162 CVE-2007-5770
Several vulnerabilities have been discovered in Ruby, an object-oriented
scripting language. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2007-5162
The WinAppDbg Python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate threads, libraries and
processes, attach your script as a debugger, trace execution, hook API calls,
handle events in your debuggee and set breakpoints of different kinds (code,
hardware and memory). Additionally it has no native code at all, making it
easier to maintain or modify than other debuggers on Windows.