5949 matches found
CVE-2012-2858
CVE-2012-2858 is a Chrome/WebP decoder buffer overflow vulnerability. A crafted WebP image could trigger remote denial of service (and possible other impact). Affected: Google Chrome prior to 21.0.1180.57 on Mac/Linux and prior to 21.0.1180.60 on Windows/Chrome Frame. Remediation (per GLSA): upgr...
CVE-2012-2849
Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service out-of-bounds read via a crafted image...
CVE-2012-2849
CVE-2012-2849 affects Google Chrome’s GIF decoder. An off-by-one read in the GIF decoder can be triggered by a crafted image, leading to a denial of service. Affected versions are Chrome before 21.0.1180.57 on macOS and Linux, and before 21.0.1180.60 on Windows and Chrome Frame. Public references...
CVE-2012-2858
Removed by vendor...
CVE-2012-2849
Removed by vendor...
Mandriva Update for ffmpeg MDVSA-2012:075 (ffmpeg)
Check for the Version of ffmpeg OpenVAS Vulnerability Test Mandriva Update for ffmpeg MDVSA-2012:075 ffmpeg Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem 6862968 CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities 6863503 CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service 68649...
Scientific Linux Security Update : krb5 on SL3.x i386/x86_64
An input validation flaw was found in the ASN.1 Abstract Syntax Notation One decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer or,...
Scientific Linux Security Update : nss, nspr, and nss-util on SL6.x i386/x86_64 (20120717)
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1...
Scientific Linux Security Update : tetex on SL5.x i386/x86_64
Multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. CVE-2010-0739, CVE-2010-1440...
Scientific Linux Security Update : poppler on SL5.x i386/x86_64
Multiple integer overflow flaws were found in poppler. An attacker could create a malicious PDF file that would cause applications that use poppler such as Evince to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188 Multiple buff...
Scientific Linux Security Update : kdegraphics on SL4.x, SL5.x i386/x86_64
Multiple integer overflow flaws were found in KPDF's JBIG2 decoder. An attacker could create a malicious PDF file that would cause KPDF to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179 Multiple buffer overflow flaws were found in KPDF's JBIG2 decoder. An...
Scientific Linux Security Update : gpdf on SL4.x i386/x86_64
Multiple integer overflow flaws were found in GPdf's JBIG2 decoder. An attacker could create a malicious PDF file that would cause GPdf to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179 Multiple buffer overflow flaws were found in GPdf's JBIG2 decoder. An...
Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20120717)
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1...
Scientific Linux Security Update : krb5 on SL4.x, SL5.x i386/x86_64
An input validation flaw was found in the ASN.1 Abstract Syntax Notation One decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer...
Scientific Linux Security Update : xpdf on SL3.x, SL4.x i386/x86_64
Multiple integer overflow flaws were found in Xpdf's JBIG2 decoder. An attacker could create a malicious PDF file that would cause Xpdf to crash or, potentially, execute arbitrary code when opened. CVE-2009-0147, CVE-2009-1179 Multiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. An...
CentOS Update for nspr CESA-2012:1091 centos6
Check for the Version of nspr OpenVAS Vulnerability Test CentOS Update for nspr CESA-2012:1091 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for nspr CESA-2012:1090 centos5
Check for the Version of nspr OpenVAS Vulnerability Test CentOS Update for nspr CESA-2012:1090 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Medium: nss
Issue Overview: A flaw was found in the way the ASN.1 Abstract Syntax Notation One decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a...
RedHat Update for nss and nspr RHSA-2012:1090-01
Check for the Version of nss and nspr OpenVAS Vulnerability Test RedHat Update for nss and nspr RHSA-2012:1090-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...