DEBIAN-CVE-2004-0782

Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...

[ GLSA 200410-11 ] tiff: Buffer overflows in image decoding

Gentoo Linux Security Advisory GLSA 200410-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

GLSA-200410-11 : tiff: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200410-11 tiff: Buffer overflows in image decoding Chris Evans found heap-based overflows in RLE decoding routines in tifnext.c, tifthunder.c and potentially tifluv.c. Impact : A remote attacker could entice a user to view a...

tiff: Buffer overflows in image decoding

Background The tiff library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE, to help in displaying TIFF images. xv is a multi-format image manipulation utility that is statically linked to the tiff library...

Moderate: Red Hat Security Advisory: XFree86 security update

Updated XFree86 packages that fix several security issues in libXpm, as well as other bug fixes, are now available for Red Hat Enterprise Linux 2.1. XFree86 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user...

CVE-2004-0699

Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data...

GLSA-200409-28 : GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200409-28 GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities A vulnerability has been discovered in the BMP image preprocessor CAN-2004-0753. Furthermore, Chris Evans found a possible integer overflow in the...

mpg123: Buffer overflow vulnerability

Background mpg123 is a MPEG Audio Player. Description mpg123 contains a buffer overflow in the code that handles layer2 decoding of media files. Impact An attacker can possibly exploit this bug with a specially-crafted mp3 or mp2 file to execute arbitrary code with the permissions of the user...

gdk-pixbuf -- image decoding vulnerabilities

Chris Evans discovered several flaws in the gdk-pixbuf XPM image decoder: Heap-based overflow in pixbufcreatefromxpm Stack-based overflow in xpmextractcolor Integer overflows in io-ico.c Some of these flaws are believed to be exploitable...

CVE-2004-0699

CVE-2004-0699 describes a heap-based buffer overflow in the ASN.1 decoding library used by Check Point VPN-1 products when Aggressive Mode IKE is enabled. The root cause is a vulnerability in ASN.1 decoding that can be triggered by sending a malformed IKE packet after initiating a negotiation, al...

GLSA-200409-12 : ImageMagick, imlib, imlib2: BMP decoding buffer overflows

The remote host is affected by the vulnerability described in GLSA-200409-12 ImageMagick, imlib, imlib2: BMP decoding buffer overflows Due to improper bounds checking, ImageMagick and imlib are vulnerable to a buffer overflow when decoding runlength-encoded bitmaps. This bug can be exploited usin...

MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)

Overview The MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in double-free vulnerabilities. An unauthenticated, remote attacker could execute arbitrary code on a KDC server, which could compromise an entire Kerberos realm. An attacker may...

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

CVE-2004-0189

CVE-2004-0189 concerns a bug in the URL decoding '%xx' function in Squid 2.5.STABLE4 and earlier that can inject a NULL character into decoded URLs, causing Squid to compare only a portion of the requested URL against ACLs. This can allow bypass of url_regex-based access control lists. Public dis...

Linux kernel integer overflows

integer overflow on write in kNFSd and XDR decoding...

FreeBSD : ripMIME -- decoding bug allowing content filter bypass (164)

The following package needs to be updated: ripmime %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg85e19dffe60611d89b0a000347a4fa7d.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

Check Point VPN-1 products contain boundary error in the ASN.1 decoding library

Overview A vulnerability exists in Check Point's VPN-1 Server, which is included in many Check Point products. This vulnerability may permit a remote attacker to compromise the gateway system. Description Check Point VPN-1 Server is a Virtual Private Network VPN application. A buffer overflow...

ripMIME -- decoding bug allowing content filter bypass

ripMIME may prematurely terminate decoding Base64 encoded messages when it encounters multiple blank lines or other non-standard Base64 constructs. Virus scanning and content filtering tools that use ripMIME may therefore be bypassed. The ripMIME CHANGELOG file says: There's viruses going around...

ISS Protection Brief: Checkpoint VPN-1 ASN.1 Decoding Remote Compromise

-----BEGIN PGP SIGNED MESSAGE----- nternet Security Systems Protection Brief July 28, 2004 Check Point VPN-1 ASN.1 Decoding Remote Compromise Summary: ISS has shipped protection for a flaw X-Force has discovered in CheckPoint VPN-1 Server. The Check Point VPN-1 product is widely relied upon to...