finch, libpurple, pidgin security update

CentOS Errata and Security Advisory CESA-2010:0788 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...

Moderate: Red Hat Security Advisory: pidgin security update

Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Debian DSA-2025-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does...

DSA-2025-1 icedove - several vulnerabilities

Bulletin has no description...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1931-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009 http://www.debian.org/security/faq -...

SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

Ubuntu 8.10 : gst-plugins-base0.10 vulnerability (USN-735-1)

It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges. Note that Tenable...

Mandrake Security Advisory MDVSA-2009:080 (glib2.0)

The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. OpenVAS Vulnerability Test $Id: mdksa2009080.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:080 glib2.0 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:080 (glib2.0)

The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:081 (libsoup)

The remote host is missing an update to libsoup announced via advisory MDVSA-2009:081. OpenVAS Vulnerability Test $Id: mdksa2009081.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:081 libsoup Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

RHEL 5 : glib2 (RHSA-2009:0336)

Updated glib2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOM...

Ubuntu USN-735-1 (gst-plugins-base0.10)

The remote host is missing an update to gst-plugins-base0.10 announced via advisory USN-735-1. OpenVAS Vulnerability Test $Id: ubuntu7351.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7351.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-735-1...

Ubuntu: Security Advisory (USN-735-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-735-1: GStreamer Base Plugins vulnerability

It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges...

glib library memory corruption

Memory corruption on base64 encoding/decoding...

Immunity Canvas: GROUPWISE_WEBACCESS

Name| groupwisewebaccess ---|--- CVE| CVE-2007-2171 Exploit Pack| CANVAS Description| Novell GroupWise WebAccess Base64 Decoding Stack Overflow Notes| CVE Name: CVE-2007-2171 VENDOR: Novell VersionsAffected: Repeatability: References: http://www.zerodayinitiative.com/advisories/ZDI-07-015.html CV...

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative...

Novell Groupwise WebAccess buffer overflow

Stack buffer overflow stack overrun during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding...