Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : bzip2 vulnerability (USN-986-1)

An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program. Note that Tenable Network Securi...

bzip2 integer overflow

Integer overflow on bz2 archive decompressing...

FreeBSD-SA-10:08.bzip2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:08.bzip2 Security Advisory The FreeBSD Project Topic: Integer overflow in bzip2 decompression Category: contrib Module: bzip2 Announced: 2010-09-20 Credits:...

FreeBSD -- Integer overflow in bzip2 decompression

Problem Description: When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow...

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Design/Logic Flaw

The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."...

ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability

ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-148 August 10, 2010 -- CVE ID: CVE-2010-2553 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Microsoft -- Affected Products: Microsoft File Format...

Kaspersky Antivirus <= 6.0.1.411 UPX DoS Vulnerability

Kaspersky AntiVirus Engine 6.0.1.411 for Windows allows remote attackers to cause a denial of service CPU consumption via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be...

GNU gzip LZH Decompression make_table Stack Modification (CVE-2006-4335)

GNU gzip is a popular compression and decompression utility that ships with all standard Linux distributions, as well as commercial Unix-based operating systems. The utility can create and decompress files which are stored using the DEFLATE algorithm. In addition to the algorithm used in the...

CVE-2010-0526

Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during...

Heap overflow

Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FLC file, related to crafted DELTAFLI chunks and untrusted length values in a .fli file,...

CVE-2010-0520

Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted FLC file, related to crafted DELTAFLI chunks and untrusted length values in a .fli file,...

curl: zlib-compression causes curl to pass more than CURL_MAX_WRITE_SIZE bytes to write callback

contentencoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service application crash or have unspecified othe...

ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-025 March 9, 2010 -- CVE ID: CVE-2010-0263 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel -- Vulnerability Details: This...

Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the decompression of XLSX files. The XL...

data callback excessive length

When downloading data, libcurl hands it over to the application using a callback that is registered by the client software. libcurl then calls that function repeatedly with data until the transfer is complete. The callback is documented to receive a maximum data size of 16K CURLMAXWRITESIZE. Usin...

[ MDVSA-2010:019 ] gzip

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:019 http://www.mandriva.com/security/ Package : gzip Date : January 20, 2010 Affected: Corporate 4.0 Problem Description: A vulnerability has been found and corrected in gzip: An integer underflow leading to...

DSA-1974-1 gzip - arbitrary code execution

Bulletin has no description...

Mandriva Security Advisory MDVSA-2009:191-1 (OpenEXR)

The remote host is missing an update to OpenEXR announced via advisory MDVSA-2009:191-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Java Web Start Buffer unpack200 processing integer overflow (6830335)

Integer overflow in the unpack200 utility in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to...