mozilla -- BMP decoder vulnerabilities

Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution...

CVE-2004-0644

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

CVE-2004-0644

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

CVE-2004-0644

The CVE-2004-0644 entry concerns MIT Kerberos 5 (krb5) 1.2.2–1.3.4, where the asn1buf_skiptail function in the ASN.1 decoder library allows remote attackers to cause a denial of service (infinite loop) via a specific BER encoding. Affected software includes the KDC and krb5 libraries; the impact ...

libxine -- DVD subpicture decoder heap overflow

A xine security announcement states: A heap overflow has been found in the DVD subpicture decoder of xine-lib. This can be used for a remote heap overflow exploit, which can, on some systems, lead to or help in executing malicious code with the permissions of the user running a xine-lib based med...

MIT krb5: Multiple vulnerabilities

Background MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description The implementation of the Key Distribution Center KDC and the MIT krb5 library contain double-free vulnerabilities, making client programs as we...

CVE-2004-0785

CVE-2004-0785 affects Gaim (pre-0.82). The advisory states multiple buffer overflows that allow remote attackers to cause denial of service and potentially execute arbitrary code via (1) RTF messages, (2) an excessively long hostname from DNS, or (3) an overly long URL not properly decoded. Produ...

CVE-2003-0093

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service crash via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop...

CVE-2003-0093

The CVE-2003-0093 entry concerns tcpdump 3.6.2 and earlier, where the RADIUS packet decoder can crash the process by processing an invalid RADIUS packet with a header length field of 0. This condition causes tcpdump to enter an infinite loop, yielding a denial of service. Connected documents (e.g...

CVE-2003-0093

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service crash via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop...

CVE-2002-0036

Summary: CVE-2002-0036 is a signedness bug in MIT Kerberos V5 ASN.1 decoder prior to krb5 1.2.5, allowing a remote attacker to trigger a denial of service by sending a large unsigned data element length that is later treated as negative. Impact: DoS of Kerberos services (notably KDC/servers) as d...

CVE-2002-0036

Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value...

MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service

-----BEGIN PGP SIGNED MESSAGE----- MIT krb5 Security Advisory 2004-003 Original release: 2004-08-31 Topic: ASN.1 decoder denial of service Severity: serious SUMMARY ======= The ASN.1 decoder library in the MIT Kerberos 5 distribution is vulnerable to a denial-of-service attack causing an infinite...

FreeBSD : krb5 -- ASN.1 decoder denial-of-service vulnerability (86)

The following package needs to be updated: krb5 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgbd60922bfb8d11d8a13e000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-200...

security flaw

Double free vulnerabilities in the error handling code for ASN.1 decoders in the 1 Key Distribution Center KDC library and 2 client library for MIT Kerberos 5 krb5 1.3.4 and earlier may allow remote attackers to execute arbitrary code...

security flaw

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

FreeBSD : ImageMagick -- BMP decoder buffer overflow (b6cad7f3-fb59-11d8-9837-000c41e2cdad)

Marcus Meissner discovered that ImageMagick's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

FreeBSD : imlib2 -- BMP decoder buffer overflow (74)

The following package needs to be updated: imlib2 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgba005226fb5b11d89837000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

FreeBSD : imlib -- BMP decoder heap buffer overflow (75)

The following package needs to be updated: imlib %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg00644f03fb5811d89837000c41e2cdad.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

imlib2 -- BMP decoder buffer overflow

Marcus Meissner discovered that imlib2's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. There appears to be both a stack-based and a heap-based buffer overflow that are believed to be exploitable for arbitrary code executio...