65 matches found
CVE-2013-5180
The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveragi...
MDVA-2010:155 : mono
mono as shipped with Mandriva 2010.0 was built with wrong compiler optimizations that made some applications freeze. The updated package uses safe compiler flags that prevent the freeze. This script has been deprecated as the associated patch is not currently a...
Input validation
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...
CVE-2010-2597
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...
Multiple compilers "erased" memory reading
Multiple secure programs use something like memset(buf, 0, len) to erase keys, passwords, etc. from memory. The problem is that this code can be eliminated by the compiler during the optimization process...