fetchmail -- heap overflow on verbose X.509 display

Matthias Andree reports: In verbose mode, fetchmail prints X.509 certificate subject and issuer information to the user, and counts and allocates a malloc buffer for that purpose. If the material to be displayed contains characters with high bit set and the platform treats the "char" type as...

AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow

require 'msf/core' class Metasploit3 'AOL Radio AmpX ActiveX Control ConvertFile Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class AmpX.dll version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to...

Microsoft Windows RPC Interface Buffer Overrun Vulnerability (KB824146)

Microsoft Windows is prone to a buffer overrun vulnerability. SPDX-FileCopyrightText: 2009 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

dnsmasq TFTP server multiple security vulnerabilities

Heap buffer overrun, NULL pointer dereference...

kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server

Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service memory corruption and possibly have unspecified other impact via 1 a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or ...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. OpenVAS Vulnerability Test $Id: fcore20097775.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7775 libtiff Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 10 FEDORA-2009-7724 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7724. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

libtiff security update

3.8.2-7.el5.4 - Fix buffer overrun risks caused by unchecked integer overflow CVE-2009-2347 Resolves: 507725 3.8.2-7.el5.3 - Fix some more LZW decoding vulnerabilities CVE-2009-2285 Resolves: 507725 - Update upstream URL...

Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability

No description provided by source. !/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service Vulnerability Summary: Carom 3D is an online multi-user billiard game created with special 3D graphic effects bringing every aspect such as 6 ball, 9 ball, 8 ball and other Billiard game...

Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability

Exploit for unknown platform in category dos / poc ===================================================== Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability ===================================================== !/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service...

Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service

!/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service Vulnerability Summary: Carom 3D is an online multi-user billiard game created with special 3D graphic effects bringing every aspect such as 6 ball, 9 ball, 8 ball and other Billiard games to life. Product Web Page:...

Microsoft PowerPoint Converter TPrint Record Handling Error (MS09-017; CVE-2009-0227)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafte...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : mozilla-thunderbird, thunderbird vulnerabilities (USN-647-1)

It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. CVE-2008-3835 Several problems were discovered in...

Ubuntu 6.06 LTS / 7.10 : netpbm-free vulnerability (USN-665-1)

It was discovered that Netpbm could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges. Note that Tenable Network Security has...

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : tk8.0, tk8.3, tk8.4 vulnerability (USN-664-1)

It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges. Note that Tenable Network Security has...

FreeBSD : libpng denial-of-service (3a408f6f-9c52-11d8-9366-0020ed76ef5a)

Steve Grubb reports a buffer read overrun in libpng's pngformatbuffer function. A specially constructed PNG image processed by an application using libpng may trigger the buffer read overrun and possibly result in an application crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Mandriva Update for samba MDKSA-2007:224-3 (samba)

Check for the Version of samba OpenVAS Vulnerability Test Mandriva Update for samba MDKSA-2007:224-3 samba Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Mandriva Update for tk MDKSA-2007:200 (tk)

Check for the Version of tk OpenVAS Vulnerability Test Mandriva Update for tk MDKSA-2007:200 tk Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Mandriva Update for samba MDKSA-2007:224-1 (samba)

Check for the Version of samba OpenVAS Vulnerability Test Mandriva Update for samba MDKSA-2007:224-1 samba Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...