173 matches found
Kernel doesn't clear DF for signal handlers
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...
CVE-2008-1685
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer...
CVE-2008-1685
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer...
CVE-2008-1685
CVE-2008-1685 affects GNU Compiler Collection versions 4.2.0–4.3.0. The issue is that when casts are not used, the sum of a pointer and an int may be considered >= the pointer, which can lead to removal of length-testing code intended as protection against integer overflow and buffer overflow,...
PT-2008-1164 · Gnu · Gnu Compiler Collection
Name of the Vulnerable Software and Affected Versions: GNU Compiler Collection versions 4.2.0 through 4.3.0 Description: The issue is related to the incorrect handling of the sum of a pointer and an integer as greater than or equal to the pointer without using casts. This might lead to the remova...
DEBIAN-CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...
Debian Security Advisory DSA 1170-1 (gcc-3.4)
The remote host is missing an update to gcc-3.4 announced via advisory DSA 1170-1. Jürgen Weigert discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories. OpenVAS...
Debian: Security Advisory (DSA-1170)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1170-1 : gcc-3.4 - missing sanity check
Jurgen Weigert discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...
[SECURITY] [DSA 1170-1] New fastjar packages fix directory traversal
-------------------------------------------------------------------------- Debian Security Advisory DSA 1170-1 [email protected] http://www.debian.org/security/ Martin Schulze September 6th, 2006 http://www.debian.org/security/faq -...
DSA-1170 gcc-3.4 - missing sanity check
Bulletin has no description...
Buffer overflow
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...
CVE-2006-1902
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...