openSUSE 10 Security Update : OpenEXR (OpenEXR-6393)

This update of OpenEXR fixes seceral integer overflows CVE-2009-1720 and a denial-of-service probably execution of arbitrary code bug CVE-2009-1721. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

openSUSE 10 Security Update : xemacs (xemacs-6412)

Specially crafted tiff, png and jpeg images could cause integer overflows in xemacs and possible system compromise. CVE-2009-2688 Additionally two non-security bugs were fixed that enable xemacs to use the configured fonts. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

Mandrake Security Advisory MDVSA-2009:243-1 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243-1. OpenVAS Vulnerability Test $Id: mdksa20092431.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:243-1 freetype2 Authors: Thomas Reinke Copyright: Copyright c 200...

Mandrake Security Advisory MDVSA-2009:243 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:243-1 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

SuSE9 Security Update : freetype2 (YOU Patch Number 12398)

Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE 11 Security Update : libtiff (SAT Patch Number 1172)

This update of the tiff package fixes various integer overflows in the tools. CVE-2009-2347 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

SuSE 11 Security Update : Ghostscript (SAT Patch Number 636)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files. CVE-2009-0583 / CVE-2009-0584 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SuSE 10 Security Update : Ghostscript (ZYPP Patch Number 6066)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files. CVE-2009-0583 / CVE-2009-0584 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SuSE9 Security Update : e2fsprogs (YOU Patch Number 12019)

This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. CVE-2007-5497 %NASLMINLEVEL 70300 C Tenable Network...

SuSE9 Security Update : Ruby (YOU Patch Number 12214)

This update of ruby fixes : - a possible information leakage. CVE-2008-1145 - a directory traversal bug in WEBrick. CVE-2008-1891 - various memory corruptions and integer overflows in array and string handling. CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726,...

SuSE9 Security Update : libtiff (YOU Patch Number 12470)

This update of the tiff package fixes various integer overflows in the tools. CVE-2009-2347 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41320;...

SuSE9 Security Update : gd (YOU Patch Number 11578)

This update fixes multiple integer overflows in the gd library. Specially crafted files could leverage them to at least crash gd based applications. CVE-2007-3472, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description ...

SuSE 11 Security Update : freetype2 (SAT Patch Number 792)

Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

SuSE9 Security Update : jasper (YOU Patch Number 12295)

Multiple potentially dangerous integer overflows, buffer overflows, and a problem with temporary files have been fixed. CVE-2008-3520, CVE-2008-3521, CVE-2008-3522 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE9 Security Update : gnome-vfs2,gnome-vfs2-doc (YOU Patch Number 10010)

This update fixes the following security problems : - The VFS scripts contained in GNOME are vulnerable to attacks on temporary files as well as command execution via shell meta-characters. These bugs can be exploited by accessing a malformated archive file. CVE-2004-0494 - Insufficient checks wh...

SuSE9 Security Update : CUPS (YOU Patch Number 12434)

The following bugs have been fixed : - The 'pdftops' was prone to several integer overflows. CVE-2009-0791 - The cups daemon could crash when receiving IPP requests with multiple unsupported tags. CVE-2009-0949 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plug...

SuSE9 Security Update : Ghostscript (YOU Patch Number 12375)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files. CVE-2009-0583, CVE-2009-0584 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2009:243-2)

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in 1 smooth/ftsmooth.c, 2 sfnt/ttcmap.c, and 3 cff/cffload.c. This update corrects the problem. Update : Packages for 2008.0 are provided...