[UNIX] xine based CD Player Format String

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability

Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability by Piotr Bania [email protected] http://pb.specialised.info Original location: http://pb.specialised.info/all/adv/avast-adv.txt Severity: Less Critical/Medium - local ring0 code execution Software affected: Probably a...

Gaim < 1.3.0 Multiple Vulnerabilities

Binary data 2894.prm...

CVE-2005-0867

Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file...

CVE-2005-0867

CVE-2005-0867 involves an integer overflow in the Linux kernel 2.6 sysfs_write_file() function. The Ubuntu USN-110-1 and Red Hat RHSA-2005:366 describe a local user could exploit this to crash the kernel or possibly execute code with root privileges by writing to a user-writable sysfs file under ...

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is the next-generation mail client from the Mozilla project. Description The following vulnerabilities were found and fixed in Mozilla Thunderbird: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape extension 2...

GLSA-200503-32 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-32 Mozilla Thunderbird: Multiple vulnerabilities The following vulnerabilities were found and fixed in Mozilla Thunderbird: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete...

GLSA-200503-30 : Mozilla Suite: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-30 Mozilla Suite: Multiple vulnerabilities The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape...

kernel26lowmem.txt

it is possible to partially overwrite low kernel = 2.6 include include include include include include include define KERNEL include undef KERNEL define MAXV 500 int mainint argc,char argv int epfd; int i; int res; struct epollevent ev; int fds; int over; void km; over= unsigned int-1/sizeofstruc...

CVE-2005-0736

Integer overflow in sysepollwait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events...

CVE-2005-0736

Integer overflow in sysepollwait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events...

GLSA-200503-10 : Mozilla Firefox: Various vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-10 Mozilla Firefox: Various vulnerabilities The following vulnerabilities were found and fixed in Mozilla Firefox: Michael Krax reported that plugins can be used to load privileged content and trick the user to interact wit...

Mozilla Firefox: Various vulnerabilities

Background Mozilla Firefox is the popular next-generation browser from the Mozilla project. Description The following vulnerabilities were found and fixed in Mozilla Firefox: Michael Krax reported that plugins can be used to load privileged content and trick the user to interact with it...

USN-60-0: Linux kernel vulnerabilities

CAN-2005-0001: Paul Starzetz discovered a race condition in the Linux page fault handler code. This allowed an unprivileged user to gain root privileges on multiprocessor machines under some circumstances. This also affects the Hyper-Threading mode on Pentium 4 processors...

Linux kernel multiple bugs

Race conditions in uselib leading to possibilityto overwrite kernel memory regions. Integer overflows in multiple drivers random poolsize, scsi ioctl, moxa. RLIMITMEMLOCK protection bypass. mlockall DoS. Privilege escalation with race conditions on page fault with SMP platforms...

isec-0018-igmp.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux kernel IGMP vulnerabilities Product: Linux kernel Version: 2.4 up to and including 2.4.28, 2.6 up to and including 2.6.9 Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0018-igmp.txt CVE: CAN-2004-1137 Author:...

Linux kernel IGMP vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux kernel IGMP vulnerabilities Product: Linux kernel Version: 2.4 up to and including 2.4.28, 2.6 up to and including 2.6.9 Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0018-igmp.txt CVE: CAN-2004-1137 Author:...

fd_set -- bitmap index overflow in multiple applications

3APA3A reports: If programmer fails to check socket number before using select or fdset macros, it's possible to overwrite memory behind fdset structure. Very few select based application actually check FDSETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions o...

CVE-2004-0608

The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier,...

[Full-Disclosure] FreeBSD Security Advisory FreeBSD-SA-04:16.fetch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:16.fetch Security Advisory The FreeBSD Project Topic: Overflow error in fetch Category: core Module: fetch Announced: 2004-11-18 Credits: Colin Percival Affect...