MGASA-2018-0109 Updated libtiff packages fix security vulnerability
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file (CVE-2017-17095). In LibTIFF 4.0.8, there is a heap-based buffer overfl...
SUSE-SU-2017:2302-1 Security update for MozillaFirefox
Mozilla Firefox was updated to the ESR 52.3 release bsc1052829 Following security issues were fixed: MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts MFSA 2017-19/CVE-2017-779...
Buffer overflow
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file...
SUSE-SU-2017:1042-1 Security update for curl
This update for curl fixes the following issues: Security issue fixed: - CVE-2016-9586: libcurl printf floating point buffer overflow bsc1015332 - CVE-2017-7407: The ourWriteOut function in toolwriteout.c in curl might have allowed physically proximate attackers to obtain sensitive information fr...
[ASA-201612-17] lib32-flashplugin: multiple issues
Arch Linux Security Advisory ASA-201612-17. Severity: Critical. Date: 2016-12-15. CVE-ID: CVE-2016-7867 CVE-2016-7868 CVE-2016-7869 CVE-2016-7870 CVE-2016-7871 CVE-2016-7872 CVE-2016-7873 CVE-2016-7874 CVE-2016-7875 CVE-2016-7876 CVE-2016-7877 CVE-2016-78...
MGASA-2016-0357 Updated graphicsmagick packages fix security vulnerability
The updated packages fix security vulnerabilities: Stack-based buffer overflow in ReadSCTImage (CVE-2016-8682). Memory allocation failure in ReadPCXImage (CVE-2016-8683). Memory allocation failure in MagickMalloc (CVE-2016-8684)...
MGASA-2016-0251 Updated flash-player-plugin packages fix 52 security vulnerabilities
Adobe Flash Player 11.2.202.632 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a race condition vulnerability that could lead to information disclosure CVE-2016-424...
RedHat Update for spice RHSA-2016:1205-01
The remote host is missing an update for the...
CVE-2015-7499
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...
SUSE-SU-2015:0868-1 Security update for php5
PHP was updated to fix ten security issues. The following vulnerabilities were fixed: CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd bnc923946 CVE-2015-2301: Memory was used after it was freed in PHAR bnc922022 CVE-2015-2305: heap overflow vulnerability in...
MGASA-2014-0238 Updated kernel-vserver packages fix multiple vulnerabilities
Updated kernel-vserver provides upstream 3.10.40 kernel and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of...
MGASA-2014-0228 Updated kernel packages fix multiple vulnerabilities
Updated kernel provides upstream 3.10.40 kernel and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service...
Mozilla SeaMonkey Multiple Vulnerabilities-05 January13 (Windows)
This host is installed with Mozilla SeaMonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln05jan13win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-05 January13 Windows Authors: Antu Sanadi Copyright:...
Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
This host is missing a critical security update according to Microsoft Bulletin MS10-012. OpenVAS Vulnerability Test $Id: secpodms10-012-remote.nasl 11684 2010-10-15 16:45:43Z oct$ Microsoft Windows SMB Server NTLM Multiple Vulnerabilities 971468 Authors: Antu Sanadi Chandrashekhar B Copyright:...
CVE-2007-5330
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments...
USN-220-1: w3c-libwww vulnerability
Sam Varshavchik discovered several buffer overflows in the HTBoundaryputblock function. By sending specially crafted HTTP multipart/byteranges MIME messages, a malicious HTTP server could trigger an out of bounds memory access in the libwww library, which causes the program that uses the library ...
[SECURITY] [DSA 425-1] New tcpdump packages fix multiple vulnerabilities
Debian Security Advisory DSA 425-1 http://www.debian.org/security/ Matt Zimmerman January 16th, 2004 http://www.debian.org/security/faq -...
Samba 2.2.x - call_trans2open Remote Buffer Overflow (4)
Samba 2.2.x - call_trans2open Remote Buffer Overflow (4) source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it...
Electrasoft 32Bit FTP 9.49.1 - Client Long Server Banner Buffer Overflow
Electrasoft 32Bit FTP 9.49.1 - Client Long Server Banner Buffer Overflow source: https://www.securityfocus.com/bid/6764/info It has been reported that Electrasoft 32Bit FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing bounds checking on bann...
[SECURITY] [DSA 029-2] New proftpd packages for m68k available
Debian Security Advisory DSA-029-2 http://www.debian.org/security/ Martin Schulze March 6, 2001 Package : proftpd...