CVE-2009-3872

CVE-2009-3872 affects Sun Java SE/J2SE/JDK/JRE JPEG JFIF Decoder. A vulnerability in the JPEG decoding path allows remote attackers to gain privileges via a crafted image file. Affected products/versions include Sun Java 5.0 before Update 22, Java 6 before Update 17, and older SDK/JRE 1.3.x befor...

CVE-2009-3872

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...

JRE JPEG JFIF Decoder issue (6862969)

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...

CVE-2009-2984

Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

CVE-2009-2984

Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

CVE-2009-2984

Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

CVE-2009-2984

CVE-2009-2984 affects Adobe Acrobat/Reader: image decoder vulnerability in Adobe Acrobat 9.x prior to 9.2 (and possibly older 7.x, 8.x). Impact described as denial of service or possible arbitrary code execution via unknown vectors. Affects Acrobat/Reader components handling images; no exploit de...

Heap overflow

Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager ACM, does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via 1 a crafted...

Microsoft DirectShow AVI Decoder Buffer Overflow (MS05-050; CVE-2005-2128)

Microsoft DirectX is a set of low-level application programming interfaces APIs for creating high-performance multimedia applications. Microsoft DirectShow is an architecture for streaming media on the Microsoft Windows platform and provides for the capture and playback of multimedia streams. It...

SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12336)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

SuSE9 Security Update : GhostScript (YOU Patch Number 12417)

Specially crafted file could cause a heap-overflow in JBIG2 decoder CVE-2009-0196, an integer overflow in ICC library CVE-2009-0792 or crash the CCITTFax decoder. CVE-2007-6725 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12387)

This update brings the IBM Java 1.4.2 JDK and JRE to Service Release 13. It fixes lots of bugs and various security issues : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running t...

SuSE 11 Security Update : gstreamer (SAT Patch Number 742)

Specially crafted cover art tags in vorbis files could trigger a heap overflow in the base64 decoder. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0586 if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit...

SuSE 11 Security Update : acroread_ja (SAT Patch Number 769)

Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 / CVE-2009-1061 /...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5295)

Specially crafted files could crash the bzip2-decoder. CVE-2008-1372 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41482; scriptversion"1.11";...

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5960)

This update brings IBM Java 5 to Service Release 9. It fixes the following security problems : - A security vulnerability in the Java Runtime Environment JRE may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application...

SuSE 11 Security Update : GhostScript (SAT Patch Number 876)

Specially crafted file could cause a heap-overflow in JBIG2 decoder CVE-2009-0196, an integer overflow in ICC library CVE-2009-0792, a buffer overflow in BaseFont writer module CVE-2008-6679 or crash the CCITTFax decoder. CVE-2007-6725 The previous security update introduced a regression that bro...

CVE-2009-3072

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...

Memory corruption

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary co...