Ubuntu: Security Advisory (USN-2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

UBUNTU-CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

USN-2290-1 linux vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2288-1)

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiro discovered an information leak in the Linux kernel's media- device...

Ubuntu 13.10 : linux vulnerabilities (USN-2289-1)

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2287-1)

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

lzo: lzo1x_decompress_safe() integer overflow

An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash o...

MGASA-2014-0281 Updated ffmpeg packages fix security vulnerabilities

A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service CVE-2012-5150. The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 1.1.9 does not properly validate a certain bits-per-sample...

Updated ffmpeg packages fix security vulnerabilities

A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service CVE-2012-5150. The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 1.1.9 does not properly validate a certain bits-per-sample...

Updated ffmpeg packages fix security vulnerabilities

The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.0.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...

CVE-2014-4608

Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal Run. NOTE: the author of the LZO...

[SECURITY] Fedora 20 Update: lzo-2.08-1.fc20

LZO is a portable lossless data compression library written in ANSI C. It offers pretty fast compression and very fast decompression. Decompression requires no memory. In addition there are slower compression levels achieving a quite competitive compression ratio while still decompressing at this...

IrfanView FlashPix PlugIn Decompression Heap Overflow

No description provided by source. Application: IrfanView FlashPix PlugIn Decompression Heap Overflow Platforms: Windows Secunia Number: SA48772 PRL: 2012-08 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2...

Microsoft Reader <= 2.1.1.3143 Heap Overflow

No description provided by source. Source: http://aluigi.org/adv/msreader2-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows, Windows Mobil...

Internet Bug Bounty: LZ4 Core

Lab Mouse Security Report LMS-2014-06-16-6 Report ID: LMS-2014-06-16-6 CVE ID: CVE-2014-4611 Researcher Name: Don A. Bailey Researcher Organization: Lab Mouse Security Researcher Email: donb at securitymouse.com Researcher Website: www.securitymouse.com Vulnerability Status: Reported / No respons...