giflib security update

CentOS Errata and Security Advisory CESA-2009:0444 Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared...

CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

Integer overflow

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

DEBIAN-CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

DEBIAN-CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

Integer overflow

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

CVE-2009-1187

Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to CairoOutputDev CairoOutputDev.cc...

CVE-2009-1187

CVE-2009-1187 : Poppler before 0.10.6 has an integer overflow in the JBIG2 decoding feature, reported as vulnerable in the CairoOutputDev path (CairoOutputDev.cc). Described impact: remote attackers can cause a denial of service (crash) and potentially execute arbitrary code via crafted JBIG2 dat...

CVE-2009-0163

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...

DEBIAN-CVE-2009-0163

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...

CVE-2009-0163

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...

CVE-2009-1188

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

Mandrake Linux Security Advisory : imlib2 (MDKSA-2007:156)

M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...

FreeBSD : ripMIME -- decoding bug allowing content filter bypass (85e19dff-e606-11d8-9b0a-000347a4fa7d)

ripMIME may prematurely terminate decoding Base64 encoded messages when it encounters multiple blank lines or other non-standard Base64 constructs. Virus scanning and content filtering tools that use ripMIME may therefore be bypassed. The ripMIME CHANGELOG file says : There's viruses going around...

FreeBSD : squid ACL bypass due to URL decoding bug (705e003a-7f36-11d8-9645-0020ed76ef5a)

From the Squid advisory : Squid versions 2.5.STABLE4 and earlier contain a bug in the '%xx' URL decoding function. It may insert a NUL character into decoded URLs, which may allow users to bypass urlregex ACLs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...