PDF JBIG2 MMR infinite loop DoS

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service infinite loop and hang via a crafted PDF file...

PDF JBIG2 invalid free()

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

PDF JBIG2 MMR decoder buffer overflows

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

PDF JBIG2 decoder OOB read

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers an out-of-bounds read...

xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) (CVE-2009-0195)

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2SymbolDict::setBitmap and 2 JBIG2Stream::readSymbolDictSeg...

PDF JBIG2 integer overflow

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file...

xpdf: Multiple integer overflows in JBIG2 decoder

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2Stream::readSymbolDictSeg, 2 JBIG2Stream::readSymbolDictSeg, and 3...

SuSE Security Advisory SUSE-SA:2009:019 (krb5)

The remote host is missing updates announced in advisory SUSE-SA:2009:019. OpenVAS Vulnerability Test $Id: susesa2009019.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:019 krb5 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

RedHat Security Advisory RHSA-2009:0409

The remote host is missing updates announced in advisory RHSA-2009:0409. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center KDC. An input validation flaw was...

CVE-2009-0847

The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...

CVE-2009-0847

The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...

Design/Logic Flaw

The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...

CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

Null pointer dereference

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

DEBIAN-CVE-2009-0847

The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...

Mandriva Update for qt4 MDKSA-2007:075 (qt4)

Check for the Version of qt4 OpenVAS Vulnerability Test Mandriva Update for qt4 MDKSA-2007:075 qt4 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

CVE-2009-0846

The CVE-2009-0846 issue is in MIT Kerberos 5 (krb5) before 1.6.4. The ASN.1 GeneralizedTime decoder’s asn1_decode_generaltime function triggers a free of an uninitialized pointer when processing invalid DER encoding, enabling a remote attacker to cause a denial of service (daemon crash) or possib...

Mandriva Update for qt4 MDKSA-2007:075 (qt4)

Check for the Version of qt4 OpenVAS Vulnerability Test Mandriva Update for qt4 MDKSA-2007:075 qt4 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...