1417 matches found
DSA-2542-1 qemu-kvm - multiple
Bulletin has no description...
DSA-2545-1 qemu - multiple
Bulletin has no description...
HP Application Lifecycle Management ActiveX memory ovewritting
Memory overwritting of user-controlled address in XGO.ocx...
RHEL 5 : libwpd (RHSA-2012:1043)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1043 advisory. - libwpd: Memory overwrite flaw by processing certain WordPerfect WPD documents CVE-2012-2149 Note that Nessus has not tested for this issue but has...
CVE-2012-2149 OpenOffice.org memory overwrite vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-2149 OpenOffice.org memory overwrite vulnerability Reference: http://www.openoffice.org/security/cves/CVE-2012-2149.html Severity: Important Vendor: The Apache Software Foundation Versions Affected: OpenOffice.org 3.3 and 3.4 Beta, on all...
SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149
SEC Consult Vulnerability Lab Security Advisory 20120518-0 ======================================================================= title: libwpd WPXContentListener::closeTableRow memory overwrite product: OpenOffice.org vulnerable version: 3.3.0/3.4 Beta 1 and probably earlier versions fixed...
OpenOffice 3.4之前版本自定义libwpd任意代码执行漏洞
BUGTRAQ ID: 53570 CVE ID: CVE-2012-2149 OpenOffice原是Sun公司的一套商业级Office软件-StarOffice,经过Sun公司公开程序码之后,正式命名为OpenOffice发展计划。 OpenOffice 3.3和3.4 Beta使用具有内存覆盖漏洞的自定义libwpd时,可通过特制的Wordperfect WPD格式文档加以利用,导致任意代码执行 0 OpenOffice 3.4 厂商补丁: OpenOffice ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Apache OpenOffice < 3.4.0 Multiple Memory Corruption Vulnerabilities
The version of Apache OpenOffice installed on the remote host is prior to 3.4.0. It is, therefore, affected by several memory corruption issues : - An integer overflow error exists in 'vclmi.dll' that could allow heap-based buffer overflows when handling embedded image objects. CVE-2012-1149 - A...
Important: nginx
Issue Overview: Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4...
CVE-2012-1516
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service memory overwrite and process crash or possibly execute arbitrary code on the host OS via vectors involving data pointers...
CVE-2012-1517
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service memory overwrite and process crash or possibly execute arbitrary code on the host OS via vectors involving function pointers...
Design/Logic Flaw
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service memory overwrite and process crash or possibly execute arbitrary code on the host OS via vectors involving function pointers...
CVE-2012-1517
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service memory overwrite and process crash or possibly execute arbitrary code on the host OS via vectors involving function pointers...
CVE-2012-1516
Vulnerability CVE-2012-1516 affects VMware VMX RPC handling in ESXi/ESX 3.5–4.1 (and related Workstation/Player components). A guest user could cause a denial of service or, potentially, execute code on the host via data-pointer related paths. Exploitation relies on triggering problematic RPC han...
VMSA-2012-0009 : VMware Workstation, Player, Fusion, ESXi and ESX patches address critical security issues
a. VMware host memory overwrite vulnerability data pointers Due to a flaw in the handler function for RPC commands, it is possible to manipulate data pointers within the VMX process. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host...
VMware Workstation, Player, ESXi and ESX patches address critical security issues
a. VMware host memory overwrite vulnerability data pointersDue to a flaw in the handler function for RPC commands, it is possible to manipulate data pointers within the VMX process. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.Workarou...
VMware ESXi/ESX patches address critical security issues (VMSA-2012-0009)
The remote ESXi is missing one or more security related Updates from VMSA-2012-0009. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Buffer overflow
Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file...
CVE-2012-2089
The CVE-2012-2089 issue affects nginx and is caused by a buffer overflow in ngx_http_mp4_module.c when the mp4 directive is used. Affected versions are nginx 1.0.7–1.0.14 and 1.1.3–1.1.18, potentially leading to memory overwrite, denial of service, or remote code execution. Remediation in the con...
CVE-2012-2089
Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted MP4 file...