47 matches found
SuSE 10 Security Update : libxml2 (ZYPP Patch Number 5756)
This update fixes an integer overflow in libxml2 that could lead to memory corruption and arbitrary code execution. CVE-2008-4226 Thanks to: Drew Yao of Apple Product Security %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
Debian DSA-1666-1 : libxml2 - several vulnerabilities
Several vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4225 Drew Yao discovered that missing input sanitising in the xmlBufferResize function may lead to an infinite loop, resulting in...
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1666-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 17, 2008 http://www.debian.org/security/faq -...
Security fix for the ALT Linux 10 package libtiff version 3.8.2-alt2
Aug. 31, 2008 Dmitry V. Levin 3.8.2-alt2 - Applied patches from Drew Yao of Apple Product Security to fix potential buffer underflow in the LZW decoder CVE-2008-2327...
RHEL 5 : libtiff (RHSA-2008:0847)
Updated libtiff packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff packages contain a library of functions for manipulating Tagged Image Fi...
Important: Red Hat Security Advisory: libtiff security update
Updated libtiff packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff packages contain a library of functions for manipulating Tagged Image File...
USN-621-1: Ruby vulnerabilities
Drew Yao discovered several vulnerabilities in Ruby which lead to integer overflows. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. CVE-2008-266...