libexif: Multiple vulnerabilities
Background: libexif is a library for parsing, editing and saving Exif metadata from images. Exif, the Exchangeable image file format, specifies the addition of metadata tags to JPEG, TIFF and RIFF files. Description: Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in t...
[Full-disclosure] [ GLSA 200712-15 ] libexif: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 200712-15 http://security.gentoo.org/ ...
CVE-2007-6351
CVE-2007-6351 affects libexif 0.6.16 and earlier via crafted Exif tags, causing an infinite recursion that can crash the application; CVE-2007-6352 is an accompanying integer-overflow issue in the same Exif parsing path that could crash or, in some contexts, allow code execution. Th...
Moderate: Red Hat Security Advisory: libexif security update
Updated libexif packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libexif packages contain the Exif library. Exif is an image file format specificatio...
Net::DNS: Multiple vulnerabilities
Background: Net::DNS is a Perl implementation of a DNS resolver. Description: hjp discovered an error when handling DNS query IDs which makes them partially predictable. Steffen Ullrich discovered an error in the dn_expand function which could lead to an endless loop. Impact: A remote attacker could...
Breakpoint Security: Encase Pre-Advisory
Breakpoint Security Advisory. Affected Vendor: Guidance Software. Affected Products: Encase 5.0 and possibly other versions. Background: With Encase's recent response to iSec's security report and their ability to both market their product while at the same time minimizing their product's issues,...
infinite recursion in netlink
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow...
CVE-2007-1861
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service / source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger a...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
/ source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This...
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG (kfilejpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursio...
security flaw
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the...
Design/Logic Flaw
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the...
CVE-2006-2274
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the...
Code injection
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS response messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, ...
Code injection
TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service (infinite recursion leading to CPU and memory consumption) via INCLUDE by URL statements that form a loop, such as a page that includes itself...
CVE-2006-1387
TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service (infinite recursion leading to CPU and memory consumption) via INCLUDE by URL statements that form a loop, such as a page that includes itself...