52 matches found
xpdf -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potential...
CentOS Update for ghostscript CESA-2008:0155 centos4 i386
Check for the Version of ghostscript OpenVAS Vulnerability Test CentOS Update for ghostscript CESA-2008:0155 centos4 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Gentoo Security Advisory GLSA 200803-08 (win32codecs)
The remote host is missing updates announced in advisory GLSA 200803-08. OpenVAS Vulnerability Test Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5599)
Mozilla Thunderbird was updated to 2.0.0.16. MFSA 2008-34 / CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caused by an insufficiently sized variable being used as a...
Debian Security Advisory DSA 080-1 (htdig)
The remote host is missing an update to htdig announced via advisory DSA 080-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/user/main.jsp?activeControl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting issues, because it fails to adequately sanitize user-supplied input. Attackers can exploit these...
Format string
Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server GSWSSHD 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1672)
This update of Mozilla Thunderbird fixes the security problems fixed in version 1.5.0.4: MFSA 2006-31/CVE-2006-2787: EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via JavaScript that calls the valueOf method on objects that were created...
Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog HeapSpray
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: sasatl.dll 1.5.0.531 Program Checker-Method DebugMsgLog Heap Spraying Exploit Internal ID: VULWAR200707121. Introduction...
Format string
Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information...
CVE-2006-1530
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the...
Fedora Core 2 : lha-1.14i-14.1 (2004-295)
Lukasz Wojtow discovered a stack-based buffer overflow in all versions of lha up to and including version 1.14. A carefully created archive could allow an attacker to execute arbitrary code when a victim extracts or tests the archive. The Common Vulnerabilities and Exposures project (cve.mitre.org)...