Fedora 12 : libHX-3.6-1.fc12 / pam_mount-2.5-1.fc12 (2010-13155)
Update to libHX 3.6 fixing a buffer overflow in HXsplit: http://libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx;a=commitdiff;h=904a46f90d pam_mount v2.5 (August 10 2010). Changes: - mount.crypt: fix incorrect processing of binary files in keyfile passthrough -...
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
/ sieve because the Linux kernel leaks like one, get it? Bug NOT discovered by Marcus Meissner of SuSE security This bug was discovered by Ramon de Carvalho Valle in September of 2009 The bug was found via fuzzing, and on Sept 24th I was sent a POC DoS for the bug but had forgotten about it until...
Microsoft Windows Graphics Rendering Engine Code Execution (MS07-046; CVE-2007-3034)
The Windows Metafile (WMF) is a standard Windows image file format. It consists of a set of graphics functions and parameters that describe the steps required to render an image. WMF is a 16-bit format that can contain both vector and bitmap information. A WMF file contains a main header, followed ...
Microsoft GDI+ WMF Integer Overflow (MS09-062; CVE-2009-2500)
The Microsoft Windows graphics device interface (GDI) enables applications to use graphics and formatted text on the video display and on the printer. Windows Metafile (WMF) is a 16-bit metafile image format optimized for the Windows operating system that can contain both vector information and bitmap...
Mandriva Update for kernel MDVSA-2008:234 (kernel)
Check for the Version of kernel. OpenVAS Vulnerability Test: Mandriva Update for kernel MDVSA-2008:234 (kernel). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CVE-2008-5937
AyeView 2.20 allows user-assisted attackers to cause a denial of service (memory consumption or application crash) via a bitmap (aka .bmp) file with large height and width values...
CVE-2008-0894
Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420...
Mozilla information disclosure flaw
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a craft...
CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks...
Windows Media Player 7.1 <= 10 BMP Heap Overflow PoC (MS06-005)
Exploit for unknown platform in category dos / poc =============================================================== Windows Media Player 7.1 include define BITMAPFILESIZE 0xA8D2 define BITMAPFILENAME "crafted.bmp" pragma pack push pragma pack 1 // bitmap file format - http:/...
Microsoft Windows Media Player vulnerable to buffer overflow in bitmap processing routine
Overview: Microsoft Windows Media Player contains a buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description: Microsoft Windows Media Player (WMP) is an application that ships with Microsoft Windows systems used to...
Mandrake Linux Security Advisory : xpdf (MDKSA-2006:032)
Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. The updated packages have been patched to correct this...
CVE-2006-0301
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed...
FreeBSD : fd_set -- bitmap index overflow in multiple applications (4c005a5e-2541-4d95-80a0-00c76919aa66)
3APA3A reports: If programmer fails to check socket number before using select or fd_set macros, it's possible to overwrite memory behind fd_set structure. Very few select based application actually check FD_SETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions ...
CVE-2005-1793
CVE-2005-1793 affects Microsoft Windows 98SE (and possibly other operating systems) via User32.DLL. A crafted icon (.ico) bitmap file with unusually large width and height values can cause a denial of service (crash). The vulnerability is described as allowing local and remote DoS; CVSS 2.0 base ...
security flaw
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files...