Critical: Red Hat Security Advisory: ekiga security update
Updated ekiga packages that fix security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Ekiga is a tool to communicate with video and audio over the Internet. Format string flaws were...
Ekiga format string flaw
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet...
Fedora Core 6 : ekiga-2.0.5-3.fc6 (2007-322)
Format string flaws were found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. Note that Tenable Network Security has extracted the...
Debian DSA-1264-1 : php4 - several vulnerabilities
Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0906 It was discovered that an integer...
Mandrake Linux Security Advisory : ekiga (MDKSA-2007:058)
A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original...
CVE-2007-0999
Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006...
CVE-2007-0999
CVE-2007-0999 is a format-string vulnerability in Ekiga (notably 2.0.3) that could allow a remote attacker to execute arbitrary code with the user’s privileges. The cited Red Hat advisory RHSA-2007-0087 describes this flaw as a format-string issue in Ekiga that, if exploited via a remote connecti...
CVE-2007-0999
Removed by vendor...
USN-434-1: Ekiga vulnerability
It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges...
USN-424-2: PHP regression
USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple buffer overflows have been discovered in various PHP modules...
DSA-1264-1 php4
Bulletin has no description...
Debian DSA-1262-1 : gnomemeeting - format string
'Mu Security' discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-1262...
Netrek 2.12.0 pmessage2() Remote Limited Format String Exploit
No description provided by source. Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...
[SECURITY] [DSA 1262-1] New gnomemeeting packages fix arbitrary code execution
Debian Security Advisory DSA 1262-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 4th, 2007 http://www.debian.org/security/faq -...
CVE-2007-1251
Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the message handling...
CVE-2007-1251
Netrek Vanilla Server 2.12.0 is affected by a format string vulnerability in ntserv/warning.c (new_warning) when EVENTLOG is enabled. The issue allows remote attackers to crash the server or potentially execute arbitrary code via format string specifiers in message handling. The available sources...