CVE-2010-0742

The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, a...

CVE-2009-4881

Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...

Integer overflow

Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...

CVE-2009-4881

Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...

Mozilla Firefox ConstructFrame With Floating First-letter Memory Corruption (CVE-2009-2462)

Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs on the Windows,...

[Backports-security-announce] Security Update for postgresql-8.4

Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problems: CVE-2010-1169 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict...

Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass

Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass / source: https://www.securityfocus.com/bid/40241/info The Linux Kernel is prone to a security-bypass vulnerability that affects the Btrfs filesystem implementation. An attacker can exploit this issue to clone a file only open for writing. Th...

Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass

/ source: https://www.securityfocus.com/bid/40241/info The Linux Kernel is prone to a security-bypass vulnerability that affects the Btrfs filesystem implementation. An attacker can exploit this issue to clone a file only open for writing. This may allow attackers to obtain sensitive data or laun...

Fedora Update for mysql FEDORA-2010-7355

Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-7355 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVE-2010-0604

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165...

CVE-2010-1562

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service device crash via a malformed Contact header, aka Bug ID CSCsj98521...

CVE-2010-1565

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service TCP socket exhaustion via unknown vectors, aka Bug ID CSCsk13561...

Code injection

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service device crash via a malformed header, aka Bug ID CSCsk04588...

Code injection

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via a malformed session attribute, aka Bug ID CSCsk40030...

Code injection

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165...

Code injection

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service TCP socket exhaustion via unknown vectors, aka Bug ID CSCsk13561...

Code injection

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S11 allows remote attackers to cause a denial of service device crash via a malformed packet, aka Bug ID CSCsk32606...

CVE-2010-1563

The CVE-2010-1563 issue affects Cisco PGW 2200 Softswitch SIP processing. A malformed SIP header can be used by a remote attacker to crash the device (DoS). Affected software includes 9.7(3)S9 and 9.7(3)P9 before 9.7(3)S11/P11; later fixes are 9.7(3)S11 and 9.8(1)S5 with subsequent releases addre...

CVE-2010-1567

The Cisco PGW 2200 Softswitch SIP MGCP stack is affected by CVE-2010-1567 (and related CVEs) as described in Cisco advisory cisco-sa-20100512-pgw. The vulnerability arises from malformed SIP header handling in the SIP implementation, enabling remote attackers to cause a device crash (DoS). The is...

CVE-2010-1562

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service device crash via a malformed Contact header, aka Bug ID CSCsj98521...