342 matches found
Scientific Linux Security Update : libtasn1 on SL6.x i386/x86_64 (20140603)
It was discovered that the asn1getbitder function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly,...
Moderate: Red Hat Security Advisory: libtasn1 security update
Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Updated libtasn1 packages fix CVE-2014-3467-9
Updated libtasn1 packages fix security vulnerabilities: Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...
MGASA-2014-0247 Updated libtasn1 packages fix CVE-2014-3467-9
Updated libtasn1 packages fix security vulnerabilities: Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...
SuSE 10 Security Update : curl (ZYPP Patch Number 8614)
This update of curl fixes several security issues. - libcurl URL decode buffer boundary flaw bnc824517 / CVE-2013-2174 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SuSE 11.2 Security Update : curl (SAT Patch Number 7867)
This update of curl fixes several security issues : - libcurl URL decode buffer boundary flaw bnc824517 / CVE-2013-2174 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
URL decode buffer boundary flaw
libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded strin...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service infinite loop via vectors related to a crafted UTF-8 and a...
CVE-2010-3790
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary...
Design/Logic Flaw
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary...
FlipViewer FViewerLoading ActiveX Control Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'FlipViewer...
Debian Security Advisory DSA 1795-1 (ldns)
The remote host is missing an update to ldns announced via advisory DSA 1795-1. OpenVAS Vulnerability Test $Id: deb17951.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1795-1 ldns Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow
3proxy 0.5.3g Windows x86 - proxy.c logurl Remote Buffer Overflow / 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/...
3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow
/ 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny...
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities / source: https://www.securityfocus.com/bid/10758/info It has been reported that the SCO Multi-channel Memorandum Distribution Facility MMDF is affected by multiple vulnerabilities. These issues are due to a failure of...