PDF JBIG2 MMR infinite loop DoS

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service infinite loop and hang via a crafted PDF file...

PDF JBIG2 MMR decoder buffer overflows

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

PDF JBIG2 invalid free()

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2SymbolDict::setBitmap and 2 JBIG2Stream::readSymbolDictSeg...

PDF JBIG2 NULL dereference

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a NULL pointer dereference...

PDF JBIG2 multiple input validation flaws

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

xpdf: Multiple integer overflows in JBIG2 decoder

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2Stream::readSymbolDictSeg, 2 JBIG2Stream::readSymbolDictSeg, and 3...

PDF JBIG2 decoder OOB read

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers an out-of-bounds read...

JDK unspecified vulnerability in Java2D component

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

Unfixed XSS vulnerability at www.cafewebmaster.com

Security researcher trueliarx, has submitted on 18/04/2010 a cross-site-scripting XSS vulnerability affecting www.cafewebmaster.com, which at the time of submission ranked 183800 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is...

Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability when handling specially crafted Audio Video Interleave AVI files. Specifically, this issue arises in the Microsoft MPEG Layer-3 codecs. An attacker can exploit this issue by enticing an unsuspecting user to open a...

Heap overflow

vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary...

CVE-2009-1565

vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary...

Heap overflow

Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote...

CVE-2009-1565

vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary...

CVE-2009-1564

CVE-2009-1564 involves a heap-based buffer overflow in the VMnc movie decoder (vmnc.dll) used by VMware Workstation, VMware Player and related components. The vulnerability allows remote attackers to execute arbitrary code by supplying a crafted AVI file with HexTile-encoded video chunks; affecte...

CVE-2009-1565

VMware VMnc VMnc codec/VMware Movie Decoder (Windows) is affected by CVE-2009-1565. The issue arises from heap-based buffer overflows triggered by crafted HexTile-encoded video chunks in AVI files, enabling remote code execution. Affected products include VMware Movie Decoder before 6.5.4 Build 2...

VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability

VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "VMware is a provider of virtualization software which runs on Microsoft Windows, Linux, and Mac OS X. VMware's enterprise software,...

VMware VMnc编解码器HexTile编码视频块解析堆溢出漏洞

BUGTRAQ ID: 39363 CVE ID: CVE-2009-1564 VMWare是一款虚拟PC软件，允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare媒体解码器包含有用于播放VMware Workstation、VMware Player和VMware ACE所记录电影的VMnc媒体编解码器。vmnc.dll库在处理HexTile编码的视频块时缺少输入检查，用户受骗打开了畸形的AVI文件就可以触发堆溢出，导致执行任意代码。 VMWare Workstation 6.5.x VMWare Player 2.5.x VMWare Server...