Microsoft DirectShow AVI Decoder Buffer Overflow (MS05-050; CVE-2005-2128)

Microsoft DirectX is a set of low-level application programming interfaces APIs for creating high-performance multimedia applications. Microsoft DirectShow is an architecture for streaming media on the Microsoft Windows platform and provides for the capture and playback of multimedia streams. It...

SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12336)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12387)

This update brings the IBM Java 1.4.2 JDK and JRE to Service Release 13. It fixes lots of bugs and various security issues : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running t...

SuSE9 Security Update : GhostScript (YOU Patch Number 12417)

Specially crafted file could cause a heap-overflow in JBIG2 decoder CVE-2009-0196, an integer overflow in ICC library CVE-2009-0792 or crash the CCITTFax decoder. CVE-2007-6725 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE 11 Security Update : gstreamer (SAT Patch Number 742)

Specially crafted cover art tags in vorbis files could trigger a heap overflow in the base64 decoder. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0586 if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit...

SuSE 11 Security Update : acroread_ja (SAT Patch Number 769)

Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 / CVE-2009-1061 /...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5295)

Specially crafted files could crash the bzip2-decoder. CVE-2008-1372 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41482; scriptversion"1.11";...

SuSE 11 Security Update : GhostScript (SAT Patch Number 876)

Specially crafted file could cause a heap-overflow in JBIG2 decoder CVE-2009-0196, an integer overflow in ICC library CVE-2009-0792, a buffer overflow in BaseFont writer module CVE-2008-6679 or crash the CCITTFax decoder. CVE-2007-6725 The previous security update introduced a regression that bro...

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5960)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

CVE-2009-3072

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

Memory corruption

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

CVE-2009-3072

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

CVE-2009-3072

CVE-2009-3072 affects Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19. The vulnerability arises from the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, with memory corruption and potential arbitrary code executio...

CVE-2009-3072

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

Firefox 3.5.3 3.0.14 browser engine crashes

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

Firefox 3.5.3 3.0.14 browser engine crashes

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

Firefox 3.5.3 3.0.14 browser engine crashes

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

[oCERT-2009-013] yTNEF/Evolution TNEF attachment decoder input sanitization errors

2009-013 yTNEF/Evolution TNEF attachment decoder input sanitization errors Description: yTNEF, an open source filter program that decodes Transport Neutral Encapsulation Format TNEF e-mail attachments, and the Evolution TNEF attachment decoder plugin suffer from directory traversal and buffer...

yTNEF и Evolution TNEF attachment decoder

Buffer overflow, directory traversal...

Memory corruption

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video...