Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : qt4-x11 vulnerability (USN-1628-1)

Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security TLS protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression ...

Ubuntu: Security Advisory (USN-1628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1627-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for qt4-x11 USN-1628-1

Ubuntu Update for Linux kernel vulnerabilities USN-1628-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16281.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for qt4-x11 USN-1628-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : apache2 vulnerabilities (USN-1627-1)

It was discovered that the modnegotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin...

USN-1628-1: Qt vulnerability

Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security TLS protocol when it is used with data compression. If an attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data...

USN-1627-1: Apache HTTP Server vulnerabilities

It was discovered that the modnegotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin...

[SECURITY] Fedora 18 Update: optipng-0.7.4-1.fc18

OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. This program also converts external formats BMP, GIF, PNM and TIFF to optimized PNG, and performs PNG integrity checks and corrections...

Fedora Update for openjpeg FEDORA-2012-14717

Check for the Version of openjpeg OpenVAS Vulnerability Test Fedora Update for openjpeg FEDORA-2012-14717 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Debian Security Advisory DSA 2561-1 (tiff)

The remote host is missing an update to tiff announced via advisory DSA 2561-1. OpenVAS Vulnerability Test $Id: deb25611.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2561-1 tiff Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2012-4447

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

Heap overflow

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

CVE-2012-4447

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

CVE-2012-4447

CVE-2012-4447 : A heap-based buffer overflow in tif_pixarlog.c of LibTIFF allows remote attackers to crash the application and potentially execute code via a crafted TIFF image using PixarLog Compression. Affected software: LibTIFF up to version 4.0.3 (inclusive). Impact, per sources: denial of s...

CVE-2012-4447

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

CVE-2012-4447

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

[SECURITY] Fedora 16 Update: openjpeg-1.4-14.fc16

OpenJPEG is an open-source JPEG 2000 codec written in C. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group JPEG...

Debian DSA-2561-1 : tiff - buffer overflow

It was discovered that a buffer overflow in libtiff's parsing of files using PixarLog compression could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

Fedora 16 : qt-4.8.2-7.fc16 (2012-15203)

Build patched to disable SSL/TLS compression by default avoiding CRIME attacks, see also http://qt.digia.com/Release-Notes/security-issue-september-2012/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

[SECURITY] Fedora 18 Update: openjpeg-1.5.0-5.fc18

OpenJPEG is an open-source JPEG 2000 codec written in C. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group JPEG...