openSUSE Security Update : perl-YAML-LibYAML (openSUSE-2015-162)

perl-YAML-LibYAML was updated to version 0.59 to fix four security issues. These security issues were fixed : - CVE-2013-6393: The yamlparserscantaguri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allowed remote attackers to cause a denial of service application...

Ubuntu: Security Advisory (USN-2456-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040) - Ver2 (CVE-2004-1050)

Internet Explorer IE is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this...

GLSA-201411-11 : Squid: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201411-11 Squid: Multiple vulnerabilities An assertion failure in processing of SSL-Bump has been found in Squid. Heap based overflow is discovered when processing SNMP requests. Impact : A remote attacker could send a specially...

Debian DSA-3061-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. This update...

Amazon Linux AMI : transmission (ALAS-2014-390)

Integer overflow in the trbitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write. C Tenable Network Security, Inc. The...

Mandriva Linux Security Advisory : apache (MDVSA-2014:142)

Updated apache package fixes security vulnerabilities : A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a...

Debian DSA-2988-1 : transmission - security update

Ben Hawkes discovered that incorrect handling of peer messages in the Transmission bittorrent client could result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

DSA-2989-1 apache2 - security update

Bulletin has no description...

LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)

A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the remote Mac OS X host. This version of LibreOffice is bundled with a version of OpenSSL affected by multiple vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other session...

Microsoft Windows 2000 Help Facility .CNT File :Link Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7102/info The Microsoft Windows 2000 Help facility does not perform sufficient bounds checking on .cnt files. If a .cnt file containing an unusually long :Link URI was opened by the Windows Help facility, a buffer would b...

Microsoft Internet Explorer 5.0.1 JPEG Image Rendering Unspecified Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14282/info Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the application to properly bounds check input...

MS Windows XP/2000/NT 4 Help Facility ActiveX Control Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/5874/info The ActiveX control that provides much of the functionality for the Windows Help Center contains an unchecked buffer. Successful exploitation could result in execution of arbitrary code in the security context o...

GREED 0.81 GRX File List Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12033/info greed Get and Resume Elite Edition is prone to a buffer overflow vulnerability. The issue is exposed when the client processes GRX file lists. GRX file lists allow file downloads to be scripted. Since GRX file...

Xtokkaetama 1.0 b-6 Nickname Local Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8337/info xtokkaetama is prone to a locally exploitable buffer overflow vulnerability. This is due to insufficient bounds checking of the '-nickname' command line option, which could result in execution of arbitrary code ...

Debian Security Advisory DSA 2960-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb2960.nasl 6724 2017-07-14...

GLSA-201406-02 : libarchive: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201406-02 libarchive: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user or automate...

Medium: elfutils

Issue Overview: Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug...

[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I &#40;NNMi&#41; for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04026039 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04026039 Version: 1 HPSBMU02996 rev....

Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)

Microsoft Word is a document authoring product released by the Microsoft Corporation. A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. A remote attacker could exploit this vulnerabili...