5737 matches found
MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
The remote host is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privileges of the logged-on user. - An ASP.NET NULL byte termination vulnerability could allow an attacker ...
GNU GLibC LD.SO Mask动态装载器整数溢出漏洞
Glibc是一款提供系统调用和基本函数的C库。 Glibc包含的动态装载器ld.so存在整数溢出,本地攻击者可以利用漏洞提升特权执行任意指令。 在动态装载器ld.so处理硬件'capabilities mask'时存在缺陷,如果'mask'被指定为一个高计数值,在分配内存时可导致整数溢出,可能以高特权执行任意指令。 GNU glibc 2.3.10 + Debian Linux 2.2 GNU glibc 2.3.4 GNU glibc 2.3.3 + MandrakeSoft apcupsd 2006.0 + MandrakeSoft Linux Mandrake 10.1 x8664...
[ GLSA 200707-04 ] GNU C Library: Integer overflow
Gentoo Linux Security Advisory GLSA 200707-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
GNU C integer overflow
Integer overflow in ld.so dynamic loader...
GLSA-200707-04 : GNU C Library: Integer overflow
The remote host is affected by the vulnerability described in GLSA-200707-04 GNU C Library: Integer overflow Tavis Ormandy of the Gentoo Linux Security Team discovered a flaw in the handling of the hardware capabilities mask by the dynamic loader. If a mask is specified with a high population...
GNU C Library: Integer overflow
Background The GNU C library is the standard C library used by Gentoo Linux systems. It provides programs with basic facilities and interfaces to system calls. ld.so is the dynamic linker which prepares dynamically linked programs for execution by resolving runtime dependencies and related...
RHEL 4 / 5 : gimp (RHSA-2007:0343)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0343 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. Marsu discovered a stack overflow bug in The GIMP RAS file...
CentOS 3 / 4 / 5 : gimp (CESA-2007:0343)
Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP GNU Image Manipulation Program is an image composition and editing program. Marsu discovere...
gimp security update
CentOS Errata and Security Advisory CESA-2007:0343-01 Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP GNU Image Manipulation Program is an...
Buffer overflow
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
DEBIAN-CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
USN-435-1: Xine vulnerability
Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges...
knorrede-sql.txt
Author: Sebastian Bauer Web: http://blog.gjl-network.net Date: 01/12/07 Vuln. website: http://www.knorr.de Vulnerability: SQL Injection mainly login authentication bypass + any other SQL inj. possibility, XSS Significance: Very Critical ---------------------------------------------------------...
MDKA-2006:030 : imlib2
The tiff loader from imlib2 crashes when processing images on the x8664 platform. This was reported when using digikam on x8664, which uses this loader. Updated packages are provided that correct the issue. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch ...
Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...
Moderate: gtk2 security update
2.4.13-22 - Fix a problem with the pixbuf loader closing patch 2.4.13-21 - Make update scripts handle slight variations in 2.4.13-20 - Fix error handling in pixbuf loaders 218932, CVE-2007-0010 -------------- next part -------------- An HTML attachment was scrubbed... URL:...