75 matches found
CentOS Update for gcab CESA-2018:0350 centos7
Check the version of gcab. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882844");...
CentOS 7 : gcab (CESA-2018:0350)
An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
gcab, libgcab1 security update
CentOS Errata and Security Advisory CESA-2018:0350. An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
Buffer overflow
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
CVE-2016-4973
CVE-2016-4973 concerns binaries built against targets using GCC’s libssp for stack smashing protection. The root cause is the lack of Object Size Checking in libssp, which may allow local users to trigger buffer overflows. Documented impacts include partial confidentiality, integrity, and availab...
OracleVM 3.2 : curl (OVMSA-2016-0056)
The remote OracleVM system is missing necessary patches to address critical security updates: - fix heap-based buffer overflow in curl_easy_unescape (CVE-2013-2174) - fix cookie tailmatching to prevent cross-domain leakage (CVE-2013-1944) - introduce the --delegation option of curl 746849 - fix stack...
php: buffer overflow and stack smashing error in phar_fix_filepath
A flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...
Cisco MiniUPnP Stack Smashing Protection Attack
The Internet of Things security challenge is twofold: finding bugs, and more urgent—fixing them. Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year. The...
Updated php package fixes security vulnerabilities
Segfault in Phar::convertToData on invalid file (CVE-2015-5589). Buffer overflow and stack smashing error in phar_fix_filepath (CVE-2015-5590). The php package has been updated to version 5.5.27, which fixes these issues, as well as other possible bugs and security issues, including the BACKRONYM flaw,...
MGASA-2015-0276 Updated php package fixes security vulnerabilities
Segfault in Phar::convertToData on invalid file (CVE-2015-5589). Buffer overflow and stack smashing error in phar_fix_filepath (CVE-2015-5590). The php package has been updated to version 5.5.27, which fixes these issues, as well as other possible bugs and security issues, including the BACKRONYM flaw,...
php-phar -- multiple vulnerabilities
reports: Segfault in Phar::convertToData on invalid file. Buffer overflow and stack smashing error in phar_fix_filepath...
Mandriva Linux Security Advisory : libjpeg (MDVSA-2015:152)
Updated libjpeg packages fix security vulnerability: Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing (CVE-2014-9092). #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux...
Chemtool 1.6.14 Memory Corruption
Document Title: Chemtool 1.6.14 Memory Corruption Vulnerability. Date: 08/02/2015. Vendor Homepage: http://ruby.chemie.uni-freiburg.de/martin/chemtool/ Abstract Advisory Information: Memory Corruption Vulnerability on...
[ MDVSA-2015:014 ] libjpeg
Mandriva Linux Security Advisory MDVSA-2015:014 http://www.mandriva.com/en/support/security/ Package: libjpeg. Date: January 8, 2015. Affected: Business Server 1.0. Problem Description: Updated libjpeg packages fix security vulnerability: Passing a...
i-FTP Schedule Buffer Overflow Exploit
This Metasploit module exploits a stack-based buffer overflow vulnerability in i-Ftp version 2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on...
Updated libjpeg packages fix security vulnerability
Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing (CVE-2014-9092)...