CVE-2013-6382

CVE-2013-6382 refers to multiple buffer underflows in the Linux kernel’s XFS implementation up to version 3.12.1, allowing local, CAP_SYS_ADMIN–bearing users to trigger memory corruption or potential other impacts via the XFS_IOC_ATTRLIST_BY_HANDLE or XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctls with cra...

UBUNTU-CVE-2013-6382

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for a 1 XFSIOCATTRLISTBYHANDLE or 2 XFSIOCATTRLISTBYHANDLE32...

SuSE Update for Mozilla openSUSE-SU-2013:1334-1 (Mozilla)

Check for the Version of Mozilla OpenVAS Vulnerability Test $Id: gbsuse201313341.nasl 8509 2018-01-24 06:57:46Z teissa $ SuSE Update for Mozilla openSUSE-SU-2013:1334-1 Mozilla Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This progr...

CVE-2013-5170

Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document...

CVE-2013-5170

Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document...

CVE-2013-5170

CVE-2013-5170 affects Apple Mac OS X prior to 10.9, due to a buffer underflow in CoreGraphics when processing PDFs. This can allow remote attackers to execute arbitrary code or cause an application crash by delivering a crafted PDF. No remediation details are provided in the supplied documents. T...

Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20130930)

It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. CVE-2006-7243 It was found that PHP did not check for carriage returns i...

php53 security update

CentOS Errata and Security Advisory CESA-2013:1307 Updated php53 packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

Amazon Linux AMI : busybox (ALAS-2012-103)

A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute...

Amazon Linux AMI : libxml2 (ALAS-2012-143)

A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the...

CVE-2013-4206

Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...

CVE-2013-4206

Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...

CVE-2013-4206

PuTTY before 0.63 is affected by CVE-2013-4206 due to a heap-based buffer underflow in modmul (sshbn.c). The vulnerability allows remote SSH servers to cause a denial of service (crash) and possibly memory corruption or code execution via a crafted DSA signature, related to improper handling duri...

CVE-2013-4206

Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...

update for MozillaFirefox, MozillaThunderbird, mozilla-nspr, mozilla-nss, seamonkey, xulrunner (important)

Changes in seamonkey: - update to SeaMonkey 2.20 bnc833389 MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards MFSA 2013-64/CVE-2013-1704 bmo883313 Use after free mutating DOM during SetBody MFSA 2013-65/CVE-2013-1705 bmo882865 Buffer underflow when generating CRMF reques...

Mozilla updates August 2013 (important)

This patch contains updates for - Firefox to 23.0 - xulrunner to 17.0.8esr - Thunderbird to 17.0.8 - mozilla-nspr to 4.10 - mozilla-nss to 3.15,1 MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards MFSA 2013-64/CVE-2013-1704 bmo883313 Use after free mutating DOM during...

PuTTY 'modmul()' 函数缓冲区下溢漏洞(CVE-2013-4206)

No description provided by source...

FreeBSD : mozilla -- multiple vulnerabilities (0998e79d-0055-11e3-905b-0025905a4771)

The Mozilla Project reports : MFSA 2013-63 Miscellaneous memory safety hazards rv:23.0 / rv:17.0.8 MFSA 2013-64 Use after free mutating DOM during SetBody MFSA 2013-65 Buffer underflow when generating CRMF requests MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MF...

Mozilla SeaMonkey Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

CVE-2013-1705

Heap-based buffer underflow in the cryptojsinterpretkeygentype function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Certificate Request Message Format CRMF request...