Null pointer dereference

The formatline function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service invalid pointer dereference and application crash via crafted data that triggers a log message...

CVE-2013-3671

CVE-2013-3671 is a FFmpeg vulnerability in which the format_line function in log.c (libavutil) uses inapplicable offset data during a category calculation, enabling a remote attacker to trigger a denial of service via crafted data that triggers a log message. The connected advisories (MGASA-2013-...

libtirpc: invalid pointer free leads to rpcbind daemon crash

The svcdggetargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service rpcbind crash via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer...

CVE-2013-1318

Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."...

CVE-2013-1318

Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."...

Cogent Real-Time Systems Vulnerabilities

Overview Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. Affected Products Cogent Real-Time Systems reports...

Memory corruption

The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service memory corruption and crash or obtain...

Design/Logic Flaw

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer...

CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

DEBIAN-CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

file: Denial of service

Background file is a utility that guesses a file format by scanning binary data for patterns. Description Multiple out-of-bounds read errors and invalid pointer dereference errors have been found in cdf.c. Impact A remote attacker could entice a user to open a specially crafted Composite Document...

RedHat Update for tetex RHSA-2012:1201-01

Check for the Version of tetex OpenVAS Vulnerability Test RedHat Update for tetex RHSA-2012:1201-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

RedHat Update for tetex RHSA-2012:1201-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Moderate: Red Hat Security Advisory: tetex security update

Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2012-3445

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain API calls with typed parameters, which might allow remote authenticated users to cause a denial of service libvirtd crash via an RPC command with nparams set to zero, which triggers an out-of-bounds read...

Mandriva Update for file MDVSA-2012:035 (file)

Check for the Version of file OpenVAS Vulnerability Test Mandriva Update for file MDVSA-2012:035 file Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Scientific Linux Security Update : t1lib on SL6.x i386/x86_64 (20120124)

The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics AFM files. If a specially crafted font file was opened by an application linked against t1lib, it could cause the applicati...

Scientific Linux Security Update : pidgin on SL3.x, SL4.x, SL5.x i386/x86_64

An invalid pointer dereference bug was found in the way the Pidgin OSCAR protocol implementation processed lists of contacts. A remote attacker could send a specially crafted contact list to a user running Pidgin, causing Pidgin to crash. CVE-2009-3615 A NULL pointer dereference flaw was found in...

Scientific Linux Security Update : boost on SL5.x i386/x86_64 (20120221)

The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker...

CentOS Update for systemtap CESA-2012:0376 centos6

Check for the Version of systemtap OpenVAS Vulnerability Test CentOS Update for systemtap CESA-2012:0376 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...