Format string

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service crash via format string specifiers in a destination filename...

CVE-2013-4474

CVE-2013-4474 affects Poppler (before 0.24.3). A format string vulnerability in the extractPages function (utils/pdfseparate.cc) allows remote attackers to crash the process via specially crafted destination filenames, causing a denial of service. Affected: Poppler’s pdfseparate tool; root cause:...

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service crash via format string specifiers in a destination filename...

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service crash via format string specifiers in a destination filename...

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service crash via format string specifiers in a destination filename...

Mandriva Linux Security Advisory : poppler (MDVSA-2013:272)

Updated poppler packages fix security vulnerabilities : Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application...

Updated poppler packages fix multiple vulnerabilities

Updated poppler packages fix security vulnerabilities: Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application...

MGASA-2013-0332 Updated poppler packages fix multiple vulnerabilities

Updated poppler packages fix security vulnerabilities: Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application...

kernel: block: passing disk names as format strings

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

Important: Red Hat Security Advisory: Red Hat Enterprise Linux 6 kernel update

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regular update. The Red Hat Security Response Team has...

ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.1 host is affected by the following security vulnerabilities : - An integer overflow condition exists in the glibc library in the tzfileread function that allows a denial of service or arbitrary code execution. CVE-2009-5029 - An error exists in the glibc library related ...

Poppler 0.14.3 - utilspdfseparate.cc Local Format String

Poppler 0.14.3 - utilspdfseparate.cc Local Format String source: https://www.securityfocus.com/bid/63374/info Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of th...

Poppler 0.14.3 - &#039;/utils/pdfseparate.cc&#039; Local Format String

source: https://www.securityfocus.com/bid/63374/info Poppler is prone to a local format-string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will...

Apple Remote Desktop < 3.5.4 / 3.7 Multiple Vulnerabilities (Mac OS X)

According to its version, the Apple Remote Desktop install on the remote host is earlier than 3.5.4 / 3.7. As such, it is potentially affected the following vulnerabilities : - A format string vulnerability exists in Remote Desktop's handling of a VNC username. CVE-2013-5135 - An information...

CVE-2013-5135

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username...

Format string

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username...

CVE-2013-5135

CVE-2013-5135 targets Apple Mac OS X prior to 10.9 and Apple Remote Desktop prior to 3.5.4. The issue is a format string vulnerability in Screen Sharing Server that permits remote code execution via format string specifiers in a VNC username. Impact is remote execution of arbitrary code with netw...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

kernel: b43: format string leaking into error msgs

Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe...

CVE-2013-4389

Multiple format string vulnerabilities in logsubscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message...