FreeBSD : tiff -- Multiple integer overflows (8816bf3a-7929-11df-bcce-0018f3e2eb82)

Tielei Wang : Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large 1 width and 2 height values, which triggers a heap-based buffer overflow in the a...

openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)

This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. CVE-2010-1411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)

This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. CVE-2010-1411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)

This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. CVE-2010-1411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

CVE-2010-1411

Multiple integer overflows in the Fax3SetupState function in tiffax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a...

Mandriva Update for glibc MDVSA-2010:112 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:112 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for glibc MDVSA-2010:111 (glibc)

Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:111 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Debian DSA-2058-1 : glibc, eglibc - multiple vulnerabilities

Several vulnerabilities have been discovered in the GNU C Library aka glibc and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1391, CVE-2009-4880, CVE-2009-4881 Maksymilian Arciemowicz discovered that the GNU C library did not...

[SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2058-1 [email protected] http://www.debian.org/security/ Aurelien Jarno June 10, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2058-1 [email protected] http://www.debian.org/security/ Aurelien Jarno June 10, 2010 http://www.debian.org/security/faq -...

Mandriva Linux Security Advisory : glibc (MDVSA-2010:111)

Multiple vulnerabilities was discovered and fixed in glibc : Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted...

FreeBSD Ports: ziproxy

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

GLSA-201006-02 : CamlImages: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201006-02 CamlImages: User-assisted execution of arbitrary code Tielei Wang reported multiple integer overflows, possibly leading to heap-based buffer overflows in the 1 readpngfile and readpngfileasrgb24 functions, when processin...

CVE-2009-4880

Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...

CVE-2009-4880

Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...

Ubuntu: Security Advisory (USN-944-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1

Ubuntu Update for Linux kernel vulnerabilities USN-944-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9441.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a...

CVE-2010-1634

CVE-2010-1634 concerns the audioop module of Python (versions 2.6, 2.7, 3.1, 3.2) where multiple integer overflows in audioop.c can be triggered by a large fragment in a call like audioop.lin2lin, leading to a denial of service (application crash). The vulnerability is tied to an incorrect prior ...

CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a...