Fedora Core 11 FEDORA-2009-7417 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7417. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 10 FEDORA-2009-7358 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7358. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

RedHat Security Advisory RHSA-2009:1123

The remote host is missing updates announced in advisory RHSA-2009:1123. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws,...

RedHat Security Advisory RHSA-2009:1123

The remote host is missing updates announced in advisory RHSA-2009:1123. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws,...

gstreamer security update

CentOS Errata and Security Advisory CESA-2009:1123 Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a...

Moderate: Red Hat Security Advisory: gstreamer-plugins-good security update

Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters whi...

Foxit Reader JPEG2000 / JBIG Decoder Add-On < 2.0.2009.616 Multiple Vulnerabilities

The Foxit Reader application installed on the remote Windows host includes an optional JPEG2000 / JBIG Decoder add-on that is prior to version 2.0.2009.616. It is, therefore affected by multiple vulnerabilities : - A out-of-bounds read error exists in the add-on due to improper handling of a...

Microsoft .NET ViewState Detection and Decoding

Binary data 7005.pasl...

CVE-2009-1122

The WebDAV extension in Microsoft Internet Information Services IIS 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability...

Microsoft IIS Security Bypass Vulnerability (970483)

This host is missing a critical security update according to Microsoft Bulletin MS09-020. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Ubuntu USN-761-2 (php5)

The remote host is missing an update to php5 announced via advisory USN-761-2. OpenVAS Vulnerability Test $Id: ubuntu7612.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7612.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-761-2 php5 Authors: Thomas Reinke...

Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application...

CVE-2008-3869

Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters...

Microsoft accused of downplaying IIS flaw

A security researcher from nCircle is accusing Microsoft of gamesmanship in its description of an unpatched IIS vulnerability in the way the WebDAV extension decodes a requested URL. The end result is that a successful exploit would allow a hacker to bypass authentication and gain unauthorized...

Microsoft IIS WebDAV Extension URL Decoding Security Bypass (CVE-2009-1535)

Web Distributed Authoring and Versioning WebDAV is a set of extensions for HTTP that allow clients to publish, lock, and manage resources on the Web. An elevation of privilege vulnerability has been reported in the Microsoft Windows WebDAV extension for IIS. The vulnerability is due to an error i...

xpdf/poppler: SplashBitmap integer overflow

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

PDF JBIG2 invalid free()

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

poppler CairoOutputDev integer overflow

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)

This host is installed with Ghostscript and is prone to Buffer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: secpodghostscriptmultbofvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ Ghostscript Multiple Buffer Overflow Vulnerabilities Windows. Authors: Nikita MR Copyright: Copyright c 20...

Mandrake Security Advisory MDVSA-2009:095 (ghostscript)

The remote host is missing an update to ghostscript announced via advisory MDVSA-2009:095. OpenVAS Vulnerability Test $Id: mdksa2009095.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:095 ghostscript Authors: Thomas Reinke Copyright: Copyright c 2009...