[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...

SuSE 11 Security Update : glib2 (SAT Patch Number 817)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-4316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

JScript Scripting Engine Web Pages Decoding Code Execution (MS09-045; CVE-2009-1920)

JScript is an interpreted, object-based scripting language that is often used to make Web sites more flexible or interactive. A remote code execution vulnerability has been reported in the way that the JScript scripting engine decodes script in Web pages. The vulnerability is due to a memory...

Adobe Acrobat / Reader code execution

Vulnerability is used in-the-wild for hidden malware installations. Recomendations are to disable PDF displaying inside browser and Javascript in PDF documents. Buffer overflow in JBIG2 decoding, buffer overflow in getIcon javascript function...

Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling...

Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)

The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. OpenVAS Vulnerability Test $Id: fcore20097717.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7717 mingw32-libtiff Authors: Thomas Reinke Copyright:...

Fedora Core 10 FEDORA-2009-7724 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7724. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. OpenVAS Vulnerability Test $Id: fcore20097775.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7775 libtiff Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)

The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : glib2 (glib2-815)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code CVE-2008-4316. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

libtiff security update

3.8.2-7.el5.4 - Fix buffer overrun risks caused by unchecked integer overflow CVE-2009-2347 Resolves: 507725 3.8.2-7.el5.3 - Fix some more LZW decoding vulnerabilities CVE-2009-2285 Resolves: 507725 - Update upstream URL...

Microsoft Virtual PC and Virtual Server Privilege Escalation Vulnerability

Description Microsoft Virtual PC and Virtual Server are prone to a privilege-escalation vulnerability caused by an error in decoding privileged instructions. Note that this issue affects only systems that do not use hardware-assisted virtualization. Successful exploits may allow local attackers t...

Fedora Core 9 FEDORA-2009-7335 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7335. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora 10 : libtiff-3.8.2-13.fc10 (2009-7358)

Fixes latest libtiff LZW decoding crash problem Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Core 11 FEDORA-2009-7417 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7417. OpenVAS Vulnerability Test $Id: fcore20097417.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7417 libtiff Authors: Thomas Reinke Copyright: Copyright c 2009...