openSUSE Security Update : enscript (enscript-274)

This update of enscript fixes buffer overflows in the setfilename CVE-2008-3863, processfile and readspecialescape function that can be exploited during file processing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

ICQ 6.5 File Processing

g f44.104: Access violation - code c0000005 !!! second chance !!! eax=02100068 ebx=772a23c1 ecx=0210cefa edx=00000823 esi=00610061 edi=00000000 eip=772a533f esp=0210cec0 ebp=0210cec4 iopl=0 nv up ei pl nz na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010202 SHLWAPI!Ordinal400+0x2...

GLSA-200904-14 : F-PROT Antivirus: Multiple Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200904-14 F-PROT Antivirus: Multiple Denial of Service vulnerabilities The following vulnerabilities were found: Multiple errors when processing UPX, ASPack or Microsoft Office files CVE-2008-3243. Infinite Sergio Alvarez of n.run...

CVE-2009-0520

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."...

Audio File Library 0.2.6 - libaudiofile 'msadpcm.c .WAV' File Processing Buffer Overflow

source: https://www.securityfocus.com/bid/33066/info Audio File Library 'libaudiofile' is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary machine code in the context of...

openSUSE 10 Security Update : enscript (enscript-5719)

This update of enscript fixes buffer overflows in the setfilename CVE-2008-3863, processfile and readspecialescape function that can be exploited during file processing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Critical: Red Hat Security Advisory: java-1.5.0-ibm security update

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2...

Microsoft Color Management System Path Name Buffer Overflow (MS08-046; CVE-2008-2245)

Image Color Management ICM is a color management system that parses and uses data in International Color Consortium ICC profiles to perform color translation operations. A remote code execution vulnerability was reported in the Microsoft Color Management System. The vulnerability is due to a flaw...

[SECURITY] Fedora 9 Update: ruby-1.8.6.230-1.fc9

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...

Critical: Red Hat Security Advisory: java-1.5.0-sun security update

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

[SECURITY] Fedora 9 Update: ruby-1.8.6.230-1.fc9

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...

libxslt XSL 1.1.23 - File Processing Buffer Overflow

source: https://www.securityfocus.com/bid/29312/info The 'libxslt' library is prone to a buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code with the privileges of the user...

Microsoft Malware Protection Engine File Processing Remote Denial Of Service Vulnerability

Description Microsoft Malware Protection Engine is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input when parsing specially crafted files. Attackers can exploit this issue to cause an affected computer to stop responding or to restart...

Microsoft Jet Engine stack buffer overflow

Overview The Microsoft Jet Engine contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Jet, or Joint Engine Technology, is a database engine that is used by several Microsoft products, includin...

RealPlayer RA Field Size File Processing Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size...

CVE-2007-4787

CVE-2007-4787 affects Sophos Anti-Virus (prior to 2.49.0) where the virus detection engine fails to properly process malformed CAB, LZH, and RAR archives with modified headers, potentially allowing remote attackers to bypass malware detection. The vulnerability resides in the archive-processing l...

Important: Red Hat Security Advisory: gpdf security update

Updated kdegraphics packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. gpdf is a GNOME based viewer for Portable Document Format PDF files. Maury...

File: Denial of service

Background file is a utility that identifies a file format by scanning binary data for patterns. Description Conor Edberg discovered an error in the way file processes a specific regular expression. Impact A remote attacker could entice a user to open a specially crafted file, using excessive CPU...

Corel WordPerfect buffer overflow

Buffer overflow on .PRS file processing...

AdPlug: Multiple vulnerabilities

Background AdPlug is a free, cross-platform, and hardware-independent AdLib sound player library. Description AdPlug is vulnerable to buffer and heap overflows when processing the following types of files: CFF, MTK, DMO, U6M, DTM, and S3M. Impact By enticing a user to load a specially crafted fil...