4206 matches found
DSA-2998-1 openssl - security update
Bulletin has no description...
Vulnerability in OpenSSL - SRP buffer overrun
A SRP buffer overrun was found. A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. Found by Sean Devlin and Watson Ladd Cryptography Services, NCC Group...
qemu: virtio-scsi: buffer overrun on invalid state load
The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...
qemu: virtio: buffer overrun on incoming migration
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
qemu: virtio-scsi: buffer overrun on invalid state load
The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...
qemu: virtio: buffer overrun on incoming migration
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load
Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
WinRAR 2.90/3.0/3.10 Archive File Extension Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6664/info A vulnerability has been discovered in WinRAR. The problem occurs when the affected application opens an archive containing a file with an overly long file extension. It has been reported that it is possible for...
Jordan Windows Telnet Server 1.0/1.2 Username Stack Based Buffer Overrun Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/9316/info Jordan Windows Telnet Server has been reported prone to a remote buffer overrun vulnerability. The issue has been reported to present itself when a username of excessive length is supplied to the Telnet server...
Zblast 1.2 - Local Username Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7836/info A vulnerability has been reported for zblast, an svgalib-based game. The problem occurs when copying data from a user-supplied environment variable into a static memory buffer. By storing excessive data within t...
Athttpd 0.4 b Remote GET Request Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8709/info Athttpd is said to be prone to a remote buffer overrun that could allow an attacker to execute arbitrary code. The problem occurs due to insufficient bounds checking when handling GET requests. As a result, an...
WebFS 1.x Long Pathname Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8726/info It has been discovered that WebFS is prone to a buffer overrun vulnerability when handling path names of excessive length. As a result, an attacker may be capable of triggering the condition and overwriting...
RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (1)
No description provided by source. / source: http://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with...
Microsoft WordPerfect Converter Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8538/info The Microsoft WordPerfect Converter, which ships with Office and a number of other products, is prone to a buffer overrun vulnerability. This could result in execution of malicious, attacker-supplied code when a...
RedHat Linux 4.2,SGI IRIX <= 6.3,Solaris <= 2.6 mailx Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the username argument, a...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
Emil 2.x Multiple Buffer Overrun and Format String Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9974/info Multiple locally and remotely exploitable buffer overrun and format strings were reported in emil. This could permit execution of arbitrary code in the context of the software...
MPlayer 0.9/1.0 Streaming ASX Header Parsing Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8702/info A vulnerability has been discovered in MPLayer when handling malformed streaming ASX file headers. The problem occurs due to insufficient bounds checking performed within asfhttprequest. It has been demonstrated...
Zlib 1.1.4 Compression Library gzprintf() Buffer Overrun Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun...