[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 816-1] New XFree86 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 816-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2005 http://www.debian.org/security/faq -...

CVE-2005-2996

Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls...

McAfee Intrushield IPS Abuse Update is available

HI, The IntruShield Manager version 2.1.9.17 contains several updates that correct the vulnerable components that were targeted. IntruShield customers may download the new manager version from: http://www.mcafeesecurity.com/us/downloads/default.asp?wt.mcn=usupdates&wt.mct=extlicon&cid=10373 On 6...

[SECURITY] [DSA 710-1] New gtkhtml packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 710-1 [email protected] http://www.debian.org/security/ Martin Schulze April 18th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 704-1] New remstats packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 704-1 [email protected] http://www.debian.org/security/ Martin Schulze April 4th, 2005 http://www.debian.org/security/faq -...

security flaw

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...

security flaw

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...

Multiple AtHoc toolbar bugs

Buffer overflows, format string bugs in ActiveX components...

CVE-2004-0910

...

CVE-2003-0903

CVE-2003-0903 corresponds to a buffer overflow in Microsoft Data Access Components (MDAC) 2.5–2.8. The vulnerability resides in a MDAC component that handles responses to SQL Server discovery broadcasts; a malicious UDP reply to a broadcast request can trigger a buffer overrun. Exploitation could...

CVE-2003-0903

Buffer overflow in a component of Microsoft Data Access Components MDAC 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request...

CVE-2002-1142

Heap-based buffer overflow in the Remote Data Services RDS component of Microsoft Data Access Components MDAC 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub...

CVE-2002-1142

CVE-2002-1142 is a heap-based buffer overflow in the MDAC RDS component caused by an unchecked buffer in the RDS Data Stub when handling malformed HTTP requests. Affected: MDAC versions 2.1–2.6 and Internet Explorer 5.01–6.0. Impact: remote code execution with the privileges of the service (e.g.,...

Oracle Application Server contains several vulnerabilities

Overview Several vulnerabilities exist in the Portal and iSQLPlus components of the Oracle Application Server. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system...

Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities

Binary data 4504.prm...

Microsoft Security Bulletin MS04-013

Microsoft Security Bulletin MS04-013 Cumulative Security Update for Outlook Express 837009 Issued: April 13, 2004 Version: 1.0 Summary Who should read this document: Customers who have Microsoft® Outlook Express® installed Impact of vulnerability: Remote Code Execution Maximum Severity Rating:...

CVE-2003-0903

Buffer overflow in a component of Microsoft Data Access Components MDAC 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request...

Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability

Description A vulnerability has been reported in the Microsoft ASN.1 library. This issue is related to insufficient checking of data supplied via an externally supplied length field in ASN.1 BER encoded data. This could result in an excessive value being used in a heap allocation routine, allowin...

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Overview Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. Description The HTTP Security Servers component of Check Point Firewall-1 contains an HTTP parsing vulnerability that is triggered by...