systemtap security update

CentOS Errata and Security Advisory CESA-2012:0376 Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...

Medium: texlive

Issue Overview: TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics AFM files. If a specially-crafted...

IBM Personal Communications I-Series Access Workstation 5.9 - Profile (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'IBM Personal...

RedHat Update for boost RHSA-2012:0305-03

Check for the Version of boost OpenVAS Vulnerability Test RedHat Update for boost RHSA-2012:0305-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

RedHat Update for boost RHSA-2012:0305-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

t1lib: Off-by-one via crafted Type 1 font

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...

Moderate: Red Hat Security Advisory: texlive security update

Updated texlive packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Debian Security Advisory DSA 2388-1 (t1lib)

The remote host is missing an update to t1lib announced via advisory DSA 2388-1. OpenVAS Vulnerability Test $Id: deb23881.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2388-1 t1lib Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Medium: t1lib

Issue Overview: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics AFM files. If a specially-crafted font file was opened by an application linked against t1lib, it could cause the application to crash or, potentially, execute arbitrary code with the...

CentOS 6 : t1lib (CESA-2012:0062)

Updated t1lib packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

BitDefender Internet Security 2011 - Pointer Vulnerability

Document Title: =============== BitDefender Internet Security 2011 - Pointer Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=149 Release Date: ============= 2012-01-26 Vulnerability Laboratory ID VL-ID: ====================================...

t1lib: Invalid pointer dereference via crafted Type 1 font

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

Debian DSA-2388-1 : t1lib - several vulnerabilities

Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts. - CVE-2010-2642 A heap-based buffer overflow in the AFM font metrics parser potentially leads to the executio...

[SECURITY] [DSA 2388-1] t1lib security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2388-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 14, 2012 http://www.debian.org/security/faq -...

Apache 2.2 - Scoreboard Invalid Free On Shutdown

Source: http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/ Introduction Apache 2.2 webservers may use a shared memory segment to share child process status information scoreboard between the child processes and the parent process running as root. A child running with lowe...

Kaspersky Internet Security Memory Corruption Vulnerability

Kaspersky Internet Security Memory Corruption Vulnerability Vulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. A Memory Corruption vulnerability is detected on Kaspersky Internet Security 2011/20...

CentOS Update for pidgin CESA-2009:1535 centos3 i386

Check for the Version of pidgin OpenVAS Vulnerability Test CentOS Update for pidgin CESA-2009:1535 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS Update for finch CESA-2009:1536 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for wireshark CESA-2010:0360 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

kernel: panic in ib_cm:cm_work_handler

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...