Mozilla Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,...

Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,...

DEBIAN-CVE-2011-4364

Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service crash and possibly...

DEBIAN-CVE-2012-3461

The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...

CVE-2012-3461

The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a deni...

Mandriva Update for libotr MDVSA-2012:131 (libotr)

Check for the Version of libotr OpenVAS Vulnerability Test Mandriva Update for libotr MDVSA-2012:131 libotr Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

PT-2012-3828 · Python +1 · Python +1

Name of the Vulnerable Software and Affected Versions: Python versions 3.1 through 3.3 Description: The issue allows remote attackers to obtain sensitive information, such as process memory, or cause a denial of service, resulting in memory corruption and crash, via unspecified vectors. This is d...

[SECURITY] [DSA 2526-1] libotr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2526-1 [email protected] http://www.debian.org/security/ Nico Golde August 12, 2012 http://www.debian.org/security/faq -...

DSA-2526-1 libotr - buffer overflow

Bulletin has no description...

libjpeg-turbo

Buffer overflow on JPEG decoding...

Google Chrome < 21.0.1180.60 Multiple Vulnerabilities

Binary data 6528.pasl...

Google Chrome < 21.0.1180.60 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 21.0.1180.60 and is, therefore, affected by the following vulnerabilities : - Re-prompts are not displayed for excessive downloads. CVE-2012-2847 - Drag and drop file access restrictions are not restrictive enough...

Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64

SL5 Only: A heap buffer overflow flaw was found in a CUPS administration interface CGI script. A local attacker able to connect to the IPP port TCP port 631 could send a malicious request causing the script to crash or, potentially, execute arbitrary code as the 'lp' user. Please note: the defaul...

Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64

Multiple NULL pointer dereference flaws were found in the way Pidgin handled Base64 decoding. A remote attacker could use these flaws to crash Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol, MSN, MySpace, or Extensible Messaging and Presence Protocol XMPP protocol...

pBot - Remote Code Execution

!/usr/bin/perl Exploit Title: pBot Remote Code Execution "" hostauth Date: 31.07.2012 Exploit Author: @bwallHatesTwits Software Link: https://www.firebwall.com/decoding/read.php?u=620d21fd31b87046e94975e03fdafa8a decoded from attempted attack Version: Various versions Tested on: Linux 3.2 use...

Scientific Linux Security Update : glib2 on SL5.x i386/x86_64

Diego Petten discovered multiple integer overflows causing heap-based buffer overflows in GLib's Base64 encoding and decoding functions. An attacker could use these flaws to crash an application using GLib's Base64 functions to encode or decode large, untrusted inputs, or, possibly, execute...

Scientific Linux Security Update : gstreamer-plugins-good on SL5.x i386/x86_64

Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute...

Scientific Linux Security Update : libtasn1 on SL6.x i386/x86_64 (20120327)

libtasn1 is a library developed for ASN.1 Abstract Syntax Notation One structures management that includes DER Distinguished Encoding Rules encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input such as an X.509...

Scientific Linux Security Update : seamonkey on SL3.0.9 i386/x86_64

CVE-2009-2462 Mozilla Browser engine crashes CVE-2009-2463 Mozilla Base64 decoding crash CVE-2009-2466 Mozilla JavaScript engine crashes Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially,...

ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-080 June 6, 2012 - -- CVE ID: CVE-2012-0754 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...