2084 matches found
AdvancePro Technologies Advanceware software suite vulnerable to privilege bypass
Overview AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in information leakage CWE-200. Description CWE-200: Information Exposure AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in...
TrustGo Antivirus & Mobile Security contains a denial-of-service vulnerability
Overview TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 contain a denial-of-service CWE-20 vulnerability. Description CWE-20:Improper Input Validation- CVE-2013-3580TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 crash if an intent is sent to...
Serva32 2.1.0 TFTPD service buffer overflow vulnerability
Overview Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability. Description The Serva32 2.1.0 TFTPD service contains a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes. --- Impact An unauthenticated...
Dan Geer, Richard Thieme on specialization in security
Two elders of information security came to Source Boston 2013 Wednesday morning to encourage the next generation to grab the torch from them and to urge great caution in diving too deeply into specialization. Heavy thinkers Dan Geer and Richard Thieme said that the industry is closing in on an en...
High guest OS resource utilization
Challenge Performance metrics within a Virtual Machine's Guest OS are different higher or lower than the same metrics reported by Veeam ONE. Cause The process used by vSphere to allocate and distribute system resources differs from the methods used by Windows and other operating systems for a...
Dell PowerConnect 6248P series switch denial of service vulnerability
Overview Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests. Description Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests which could cause the switch to crash and becom...
Ruby on Rails 3.0 and 2.3 JSON Parser vulnerability
Overview The Ruby on Rails 3.0 and 2.3 JSON parser contain a vulnerability that may result in arbitrary code execution. Description The Ruby on Rails advisory states:There is a vulnerability in the JSON code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitra...
SuSE 11.2 Security Update : pcp (SAT Patch Number 7221)
pcp was updated to version 3.6.10 which fixes security issues and also brings a lot of new features. - Update to pcp-3.6.10. - Transition daemons to run under an unprivileged account. - Fixes for security advisory CVE-2012-5530: tmpfile flaws;. bnc782967 - Fix pcp1 command short-form pmlogger...
D-Link DSL2730U router restricted telnet shell command whitelisting bypass
Overview D-Link DSL2730U routers contain a restricted telnet shell with limited allowed commands. An authenticated attacker can chain unauthorized commands through authorized commands in order to bypass the command whitelisting. Description CWE-78: Improper Neutralization of Special Elements used...
DEBIAN-CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
AZL-7378 CVE-2011-5244 affecting package t1lib 5.1.2-28
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
AZL-7377 CVE-2011-0433 affecting package t1lib 5.1.2-28
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
DEBIAN-CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
Code injection
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
Heap overflow
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...