SuSE 10 Security Update : Libreoffice (ZYPP Patch Number 7365)

Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. LibreOffice is continuation of the OpenOffice.org project. This update replaces the OpenOffice.org installation, including helper packages, e.g. dictionaries,...

CVE-2011-0192

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF Internet Fax image file tha...

CVE-2011-0566

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603...

Ubuntu Update for openoffice.org vulnerabilities USN-1056-1

Ubuntu Update for Linux kernel vulnerabilities USN-1056-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10561.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for openoffice.org vulnerabilities USN-1056-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)

This host is missing a critical security update according to Microsoft Bulletin MS08-010. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2010-3795

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted GIF file...

Fedora 14 Introduces libjpegturbo for Faster Image Processing

Fedora 14, known as "Laughlin," officially launched on Tuesday, offering numerous new features aimed at enhancing the user experience for this open-source desktop operating system. Usability Focus In recent releases, Fedora, sponsored by Red Hat, has concentrated on improving usability. According...

Joomla Mosets Tree 2.1.5 Shell Upload

Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shell upload vulnerabilty caused by improperly checking the...

Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability

No description provided by source. Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shell upload vulnerabilty...

Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload

Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shell upload vulnerabilty caused by improperly checking the...

Fedora 12 : libpng10-1.0.54-1.fc12 (2010-10833)

This update addresses two security issues: CVE-2010-1205, in which a buffer overflow might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. CVE-2010-2249, in which a memory leak allows remote attackers to cause a denial of service memory...

libtiff: crash when reading image with not configured compression

LibTIFF in Red Hat Enterprise Linux RHEL 3 on x8664 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPE...

CVE-2010-2598

LibTIFF in Red Hat Enterprise Linux RHEL 3 on x8664 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPE...

CVE-2010-2598

LibTIFF in Red Hat Enterprise Linux RHEL 3 on x8664 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPE...

Ziproxy PNG Image Processing Buffer Overflow Vulnerability

The host is running Ziproxy server and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodziproxybofvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Ziproxy PNG Image Processing Buffer Overflow Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

CVE-2010-2443

The OJPEGReadBufferFill function in tifojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function...

GD: User-assisted execution of arbitrary code

Background GD is a graphic library for fast image creation. Description Tomas Hoger reported that the gdGetColors function in gdgd.c does not properly verify the colorsTotal struct member, possibly leading to a buffer overflow. Impact A remote attacker could entice a user to open a specially...

CamlImages: User-assisted execution of arbitrary code

Background CamlImages is an image processing library for Objective Caml. Description Tielei Wang reported multiple integer overflows, possibly leading to heap-based buffer overflows in the 1 readpngfile and readpngfileasrgb24 functions, when processing a PNG image CVE-2009-2295 and 2 gifread.c an...

CVE-2010-1509

IrfanView (before version 4.27) is vulnerable to a PSD parsing issue caused by a sign-extensions/unspecified integer variable handling error that can trigger a heap-based buffer overflow. This may allow a remote attacker to crash the application or potentially execute arbitrary code via a special...

CVE-2009-4776

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...