Ubuntu 8.10 : gst-plugins-base0.10 vulnerability (USN-735-1)

It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges. Note that Tenable...

Ubuntu 8.10 : openjdk-6 vulnerabilities (USN-748-1)

It was discovered that font creation could leak temporary files. If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service. CVE-2006-2426, CVE-2009-1100 It was discovered that the lightweight HttpServer did not...

Mandriva Linux Security Advisory : libsoup (MDVSA-2009:081)

An integer overflow in libsoup Base64 encoding and decoding functions enables attackers either to cause denial of service and to execute arbitrary code CVE-2009-0585. This update provides the fix for that security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

Important: Red Hat Security Advisory: giflib security update

Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared library of functions for loading and saving GIF ima...

CentOS 3 : cups (CESA-2009:0428)

Updated cups packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIXr Printing System CUPS provides a portable printing layer for UNIX operating...

Ubuntu: Security Advisory (USN-757-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ghsotscript / XPDF / CUPS pdftops buffer overflow

Buffer overflow on JBIG2 decoding...

cups security update

CentOS Errata and Security Advisory CESA-2009:0429 Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX® Printing System...

cups security update

CentOS Errata and Security Advisory CESA-2009:0428 Updated cups packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX® Printing System CUPS provide...

RHEL 3 : cups (RHSA-2009:0428)

Updated cups packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIXr Printing System CUPS provides a portable printing layer for UNIX operating...

PDF JBIG2 integer overflow

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file...

cups: Integer overflow in the TIFF image filter

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...

cups: Integer overflow in the TIFF image filter

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...

CVE-2009-0196

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

Heap overflow

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

CVE-2009-0196

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

CVE-2009-0196

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

ghostscript: Missing boundary check in Ghostscript's jbig2dec library

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

ghostscript: DoS (crash) in CCITTFax decoding filter

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cfdecode2d function...

[Backports-security-announce] Security Update for openafs

Russ Allbery uploaded new packages for openafs a distributed file system which fixed the following security problems: CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a...