Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)

It was discovered that Python distutils contained a race condition when creating the /.pypirc file. A local attacker could exploit this to obtain sensitive information. CVE-2011-4944 It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A...

bogofilter -- heap corruption by invalid base64 input

David Relson reports: Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, FU Berlin, Germany...

VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0014 Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates Issue date: 2012-10-04 Updated on:...

Design/Logic Flaw

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

CVE-2012-4897

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

CVE-2012-4897

CVE-2012-4897 affects VMware Movie Decoder prior to 9.0. The advisory describes a binary planting vulnerability in the Movie Decoder installer that could let a local attacker run code by placing a malicious executable in the installer directory. VMware recommends upgrading to Movie Decoder 9.0 (a...

CVE-2012-4897

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

JPEGsnoop 1.5.2 <= WriteAV Arbitrary Code Execution Vulnerability

Exploit for windows platform in category local exploits !/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has...

JPEGsnoop 1.5.2 Code Execution

!/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has been edited. Debug info: Microsoft R Windows Debugger...

JPEGsnoop 1.5.2 - WriteAV Crash (PoC)

JPEGsnoop 1.5.2 - WriteAV Crash PoC !/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has been edited. Debug...

VMSA-2012-0014:VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0014 VMware Security Advisory Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security...

Slackware Advisory SSA:2008-111-01 xine-lib

The remote host is missing an update as announced via advisory SSA:2008-111-01. OpenVAS Vulnerability Test $Id: esoftslkssa200811101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2008-111-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2009-116-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not...

gimp to fix various issues (important)

Multiple integer overflows in various decoder plug-ins of GIMP have been fixed...

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

Heap overflow

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

CVE-2012-0855

The CVE-2012-0855 vulnerability affects FFmpeg’s libavcodec J2K decoder (get_sot in j2k.c). It is a heap-based buffer overflow that can be triggered remotely to cause an application crash (denial of service) and is associated with FFmpeg versions prior to 0.9.1. No exploitation vectors, specific ...

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...