3115 matches found
openSUSE Security Update : amarok (amarok-436)
This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely (CVE-2009-0135, CVE-2009-0136). %NASL_MIN_LEVEL 70300 C...
openSUSE Security Update : ruby (ruby-123)
This update of ruby fixes: - a possible information leakage CVE-2008-1145 - a directory traversal bug CVE-2008-1891 in WEBrick - various memory corruptions and integer overflows in array and string handling CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2727,...
openSUSE Security Update : jasper (jasper-303)
Multiple, potentially dangerous integer overflows, buffer overflows and a problem with temporary files have been fixed (CVE-2008-3520, CVE-2008-3521, CVE-2008-3522). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE Security Update : python (python-360)
Integer overflows in the python imageop module potentially allowed attackers to execute arbitrary code (CVE-2008-4864). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update python-360. The text...
openSUSE Security Update : ghostscript-devel (ghostscript-devel-592)
Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files (CVE-2009-0583, CVE-2009-0584). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The...
openSUSE Security Update : freetype2 (freetype2-794)
Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser (CVE-2009-0946). Thanks to Tavis Ormandy who found the bugs. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
GLSA-200907-16 : Python: Integer overflows
The remote host is affected by the vulnerability described in GLSA-200907-16 (Python: Integer overflows). Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in...
Fedora 11 : libtiff-3.8.2-14.fc11 (2009-7775)
CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE). Not the same as last week's libtiff security issue ... Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Python: Integer overflows
Background: Python is an interpreted, interactive, object-oriented programming language. Description: Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in...
CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image...
CVE-2009-2347
CVE-2009-2347 affects libtiff 3.8 through 4.0, where multiple integer overflows in inter-color spaces conversion tools enable context-dependent attackers to trigger a heap-based buffer overflow via TIFF images with large width/height. The overflow occurs in cvt_whole_image (tiff2rgba) and tiffcvt...
[oCERT-2009-012] libtiff tools integer overflows
2009-012 libtiff tools integer overflows Description: The libtiff image library tools suffer from integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The libtiff package ships a library, for reading and writing TIFF, as well as a sma...
libtiff multiple security vulnerabilities
Crash on LZWDecodeCompat. Potential integer overflows in tiff2rgba and rgb2ycbcr...
DSA-1832-1 camlimages - arbitrary code execution
Bulletin has no description...
Mandrake Security Advisory MDVSA-2009:142 (jasper)
The remote host is missing an update to jasper announced via advisory MDVSA-2009:142. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:143 (netpbm)
The remote host is missing an update to netpbm announced via advisory MDVSA-2009:143. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:144 (ghostscript)
The remote host is missing an update to ghostscript announced via advisory MDVSA-2009:144. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:144 (ghostscript)
The remote host is missing an update to ghostscript announced via advisory MDVSA-2009:144. OpenVAS Vulnerability Test $Id: mdksa2009144.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:144 (ghostscript) Authors: Thomas Reinke Copyright: Copyright (c) 2009...