10 matches found
RHEL 6 : libarchive (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libarchive: directory traversal in bsdcpio CVE-2015-2304 - libarchive: Infinite recursion in...
Information Disclosure
kernel is vulnerable to information disclosure. A flaw was found in the way the dosigaltstack function in the Linux kernel copies the stackt structure to user-space. On 64-bit machines, this flaw could lead to a four-byte information leak...
Fedora 20 : lcms-1.19-13.fc20 (2015-1648)
apply patch for CVE-2013-4276 - apply patch for 'Use of uninitialized values on 64 bit machines.' Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Integer overflow
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
CVE-2013-0211
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
CVE-2013-0211
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
libarchive -- multiple vulnerabilities
MITRE reports: Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper...
Microsoft Adds New Exploit Mitigations to IE 10
Windows 8 is still off on the horizon somewhere, but the new version of Internet Explorer that’s coming with it–IE 10–already is in consumer preview and it includes some major changes to the exploit mitigations. In addition to the existing implementations of ASLR, DEP and others technologies in...
CVE-2007-1884
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...
Integer overflow
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...