SuSE 10 Security Update : xine (ZYPP Patch Number 5139)

Specially crafted files could cause integer overflows in the xine library. Attackers could potentially exploit that to execute arbitrary code with the privileges of the user who opened such a file. CVE-2008-1482 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this...

openSUSE 10 Security Update : xgl (xgl-5099)

This update fixes several integer overflows in Xgl CVE-2007-6429, CVE-2007-1003, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

DTSA-120-1 xine-lib - several integer overflows

Bulletin has no description...

DSA-1533-2 exiftags

Bulletin has no description...

Debian DSA-1533-2 : exiftags - insufficient input sanitizing

Christian Schmid and Meder Kydyraliev Google Security discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images. The Common Vulnerabilities and Exposures project identified the following three problems : - CVE-2007-6354 Inadequate EXIF property...

CVE-2008-1391

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to 1 the strfmon function in...

CVE-2008-1391

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to 1 the strfmon function in...

CVE-2008-1391

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to 1 the strfmon function in...

CVE-2008-1391

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to 1 the strfmon function in...

DSA-1533-1 exiftags

Bulletin has no description...

Apache < 2.0.55 Multiple Vulnerabilities

The remote host appears to be running a version of Apache that is prior to 2.0.55. It is, therefore affected by multiple vulnerabilities : - A security issue exists where 'SSLVerifyClient' is not enforced in per-location context if 'SSLVerifyClient optional' is configured in the vhost...

CVE-2008-1482

Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via 1 a crafted .FLV file, which triggers an overflow in demuxers/demuxflv.c; 2 a crafted .MOV file, which triggers an overflow in...

CVE-2008-1482

Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via 1 a crafted .FLV file, which triggers an overflow in demuxers/demuxflv.c; 2 a crafted .MOV file, which triggers an overflow in...

CVE-2008-1482

Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via 1 a crafted .FLV file, which triggers an overflow in demuxers/demuxflv.c; 2 a crafted .MOV file, which triggers an overflow in...

CVE-2008-0057

Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list...

Borland Starteam Server integer overflows

Multiple integer overflows...

CVE-2007-6149

Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol RTMP message with a crafted integer field that is used for allocation...

CVE-2007-6149

Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol RTMP message with a crafted integer field that is used for allocation...

Microsoft Works / Microsoft Office multiple security vulnerabilities

Multiple buffer overflows and integer overflows on .wps files parsing...

Adobe Acrobat / Reader multiple security vulnerabilities

Multiple buffer overflows and integer overflows, unsafe methods, unsafe dynamic library loading...