Update Protection against Mozilla Firefox JIT escape Function Memory Corruption

A memory corruption vulnerability exists in Mozilla Firefox, a web browser developed by Mozilla Foundation. This flaw is due to the way Mozilla Firefox handles JIT Just-in-Time escape Function calls. A remote attacker can exploit this vulnerability by enticing a target user to open a malicious we...

Debian DSA-1910-1 : mysql-ocaml - missing escape function

It was discovered that mysql-ocaml, OCaml bindings for MySql, was missing a function to call mysqlrealescapestring. This is needed, because mysqlrealescapestring honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The adde...

Debian DSA-1909-1 : postgresql-ocaml - missing escape function

It was discovered that postgresql-ocaml, OCaml bindings to PostgreSQL's libpq, was missing a function to call PQescapeStringConn. This is needed, because PQescapeStringConn honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are use...

Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)

The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10582. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

Fedora Core 10 FEDORA-2009-10595 (ocaml-postgresql)

The remote host is missing an update to ocaml-postgresql announced via advisory FEDORA-2009-10595. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)

The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10582. OpenVAS Vulnerability Test $Id: fcore200910582.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10582 ocaml-mysql Authors: Thomas Reinke Copyright: Copyrigh...

Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)

The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10701. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

Fedora 10 : ocaml-postgresql-1.12.3-1.fc10.2 (2009-10595)

New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/showbug.cgi?id=529325 CVE-2009-2943 ocaml- postgresql: Missing escape function DSA-1909-1 HOWEVER you are not protected until you change your code to use the new connectionescapestring method. Note that...

[SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping

------------------------------------------------------------------------ Debian Security Advisory DSA-1909-1 [email protected] http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq -...

DSA-1910-1 mysql-ocaml - missing escape function

Bulletin has no description...

DSA-1911-1 pygresql - missing escape function

Bulletin has no description...

CVE-2009-2477

js/src/jstracer.cpp in the Just-in-time JIT JavaScript compiler aka TraceMonkey in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a...

CVE-2009-2477

js/src/jstracer.cpp in the Just-in-time JIT JavaScript compiler aka TraceMonkey in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a...

Mozilla Firefox JIT Escape Function Memory Corruption

Added: 07/13/2009 CVE: CVE-2009-2477 BID: 35660 OSVDB: 55846 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption vulnerability in Mozilla Firefox in the way it handles JIT escape function calls allows arbitrary code injection and...

Mozilla Firefox JIT Escape Function Memory Corruption

Added: 07/13/2009 CVE: CVE-2009-2477 BID: 35660 OSVDB: 55846 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption vulnerability in Mozilla Firefox in the way it handles JIT escape function calls allows arbitrary code injection and...

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

DEBIAN-CVE-2006-0106

gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile WMF files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but in a different codebase...

CVE-2006-0106

gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile WMF files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but in a different codebase...

Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability

Overview Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the Windows operating...

security flaw

Buffer overflow in the sqlescapefunc function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service crash...