113 matches found
SUSE: Security Advisory (SUSE-SU-2013:1828-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : mono-core (SUSE-SU-2016:2958-1)
mono-core was updated to fix the following vulnerabilities : - CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation. bsc958097 - CVE-2012-3543: Remote attackers could cause a denial of service...
SUSE SLED11 / SLES11 Security Update : mono-core (SUSE-SU-2016:0257-1)
mono-core was updated to fix the following vulnerabilities : - CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation bsc958097 - CVE-2012-3543: Remote attackers could cause a denial of service throu...
Updated mono packages fix security vulnerability
It was found that float-parsing code used in Mono before 4.2 is derived from code vulnerable to CVE-2009-0689. The issue concerns the 'freelist' array, which is a global array of 16 pointers to 'Bigint'. This array is part of a memory allocation and reuse system which attempts to reduce the numbe...
Mageia: Security Advisory (MGASA-2016-0013)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : mono -- DoS and code execution (4b3a7e70-afce-11e5-b864-14dae9d210b8)
NCC Group reports : An attacker who can cause a carefully-chosen string to be converted to a floating-point number can cause a crash and potentially induce arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Oracle: Security Advisory (ELSA-2014-0311)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 5 : php (RHSA-2014:0312)
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 and 5.6 Long Life, and Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability...
K-Meleon 1.5.3 - Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
SeaMonkey 1.1.8 - Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/221 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SeaMonkey 1.1.8 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
KDE KDELibs 4.3.3 - Remote Array Overrun
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE KDELibs 4.3.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 20.11.2009 CVE: CVE-2009-0689 Risk: High Remote:...
Sunbird 0.9 - Array Overrun (code execution) 0day
No description provided by source. full disclosure: http://seclists.org/fulldisclosure/2009/Dec/253 Sunbird 0.9 Array Overrun code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - Dis.: 07.05.2009 - Pub.: 11.12.2009 CVE: CVE-2009-0689 CWE: CWE-199 Risk: High...
Scientific Linux Security Update : php on SL5.x i386/x86_64 (20140318)
A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with th...
RedHat Update for php RHSA-2014:0311-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 5 : php (RHSA-2014:0311)
Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...
Critical: Red Hat Security Advisory: php security update
Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...
Critical: Red Hat Security Advisory: php security update
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 and 5.6 Long Life, and Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability...
php security update
5.1.6-44 - add security fixes for CVE-2006-7243, CVE-2009-0689...
SuSE 11.2 / 11.3 Security Update : ruby (SAT Patch Numbers 8578 / 8579)
The following security issue has been fixed : - heap overflow in float point parsing. CVE-2013-4164 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, In...
Ruby: Ruby: Heap Overflow in Floating Point Parsing
Any time a string is converted to a floating point value, a specially crafted string can cause a heap overflow. This can lead to a denial of service attack via segmentation faults and possibly arbitrary code execution. Any program that converts input of unknown origin to floating point values...