SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6641 / 6643 / 6648)

The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues. The following security issues have been fixed : - Several buffer overread and overwrite errors in the UDF logical volume descriptor code have been fixed that might have have allowed local...

VideoLAN VLC Media Player PNG Code Execution (CVE-2012-5470)

A buffer overread vulnerability has been reported in VideoLAN VLC Media Player...

wireshark: Stack-based buffer over-read from tvbuff buffer when reading snoop capture files

The snoopread function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service application crash via a large length value in a snoop file that triggers a stack-bas...

wireshark: Heap-based buffer over-read in Visual Networks dissector

Integer underflow in the visualread function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service application crash via a malformed Visual Networks file that triggers a heap-based buffer over-read...

openssl: record length handling integer underflow

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...

openssl: record length handling integer underflow

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...

Slackware: Security Advisory (SSA:2008-098-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2012-2845

Integer overflow in the jpegdataloaddata function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service buffer over-read and application crash or obtain potentially sensitive information via a crafted JPEG file...

openssl: record length handling integer underflow

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...

wireshark: Stack-based buffer over-read from tvbuff buffer when reading snoop capture files

The snoopread function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service application crash via a large length value in a snoop file that triggers a stack-bas...

freetype: multiple buffer over-read in PS parser conversion functions (#35657)

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via a crafted PostScript font object...

php: buffer over-read in Exif extension

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service application crash via an image with a crafted Image File Directory IFD that triggers a buffer over-read...

SuSE 11.1 Security Update : radvd (SAT Patch Number 5397)

This update of radvd fixes the following security flaws : - arbitrary file overwrite flaw through unsanitized interface names CVE-2011-3602, - missing return value checks in privsepinit which could cause radvd to keep running with root privileges CVE-2011-3603, - buffer overread flaws in the...

SuSE 10 Security Update : radvd (ZYPP Patch Number 7824)

This update of radvd fixes multiple buffer overread flaws in the processra function that could have potentially lead to crashes CVE-2011-3604. Additionally, a temporary Denial of Service flaw that could be triggered with a flood of NDROUTERSOLICIT has been fixed. CVE-2011-3605 %NASLMINLEVEL 70300...

php: buffer over-read in Exif extension

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service application crash via an image with a crafted Image File Directory IFD that triggers a buffer over-read...

kernel: dccp: handle invalid feature options length

Integer underflow in the dccpparseoptions function net/dccp/options.c in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol DCCP packet with an invalid feature options length, which triggers a buffer over-read...

IBM JDK Class file parsing denial-of-service

The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service JVM segmentation fault, and possibly memory consumption or an infinite loop via a crafted...

IBM JDK Class file parsing denial-of-service

The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service JVM segmentation fault, and possibly memory consumption or an infinite loop via a crafted...

expat: buffer over-read and crash on XML with malformed UTF-8 sequences

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

DEBIAN-CVE-2011-1959

The snoopread function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service application crash via a large length value in a snoop file that triggers a stack-bas...