Oracle Linux 5 : libxml2 (ELSA-2012-0017)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0017 advisory. - Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008 - Fix an off by one error in encoding CVE-2011-0216 - Fix some potential...

Oracle Linux 5 / 6 : libxml2 (ELSA-2012-1288)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-1288 advisory. - Change the XPath code to percolate allocation error CVE-2011-1944 - Fix an off by one pointer access CVE-2011-3102 - adds randomization to hash a...

Microsoft OLE Automation Remote Code Execution Vulnerability (2802968)

This host is missing a critical security update according to Microsoft Bulletin MS13-020. OpenVAS Vulnerability Test $Id: secpodms13-020.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft OLE Automation Remote Code Execution Vulnerability 2802968 Authors: Antu Sanadi Copyright: Copyright c 2013 SecPo...

Microsoft OLE Automation Remote Code Execution Vulnerability (2802968)

This host is missing a critical security update according to Microsoft Bulletin MS13-020. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DEBIAN-CVE-2012-5668

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

CVE-2012-5668

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

Null pointer dereference

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

CVE-2012-5668

FreeType before 2.4.11 is affected by CVE-2012-5668 due to a NULL pointer dereference in bdf_free_font triggered by BDF font handling, leading to denial of service. Connected advisories confirm patches and vendor mitigations exist (e.g., updates addressing CVE-2012-5668 and related BDF fixes in 2...

CVE-2012-5668

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...

libxml2 security update

2.7.6-8.0.1.el63.3 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-8.el63.3 - Change the XPath code to percolate allocation error CVE-2011-1944 2.7.6-8.el63.2 - Fix an off by one pointer access CVE-2011-3102 2.7.6-8.el63.1 - Fix a failure...

Slackware: Security Advisory (SSA:2010-176-05)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2012-3437

The Magickpngmalloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service crash via a crafted PNG file that triggers incorrect memory allocation...

RedHat Update for ImageMagick RHSA-2012:0301-03

Check for the Version of ImageMagick OpenVAS Vulnerability Test RedHat Update for ImageMagick RHSA-2012:0301-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

libxml2 security update

2.7.6-4.0.1.el62.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4.el62.1 - Make sure the parser returns when getting a Stop order CVE-2011-3905 - Fix an allocation error when copying entities CVE-2011-3919 - Resolves: rhbz771913...

CVE-2011-3002

Almost Native Graphics Layer Engine ANGLE, as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vecto...

CVE-2011-3002

Almost Native Graphics Layer Engine ANGLE, as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vecto...

Buffer overflow

Almost Native Graphics Layer Engine ANGLE, as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vecto...

CVE-2011-3002

Almost Native Graphics Layer Engine ANGLE, as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vecto...

CVE-2011-3002

CVE-2011-3002 concerns Mozilla Firefox (pre-7.0) and SeaMonkey (pre-2.4) where ANGLE does not validate the return value of GrowAtomTable, enabling memory-allocation errors that can cause a crash or potentially allow arbitrary code execution. The vulnerability is triggered by vectors that lead to ...

Dropbear SSH Server svr_ses.childpidsize Remote Overflow

According to its banner, the remote host is runnning a version of Dropbear SSH before 0.47. Such versions contain a buffer allocation error that may allow an authenticated user to gain elevated privileges. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid34769;...