security flaw

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an incoming message...

FreeBSD : xli -- integer overflows in image size calculations (bfbbd505-3bd6-409c-8c67-445d3635cf4b)

Tavis Ormandy discovered several integer overflows in xli's image size handling. A maliciously crafted image may be able to cause a heap buffer overflow and execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

FreeBSD : imlib -- xpm heap buffer overflows and integer overflows (2001103a-6bbd-11d9-851d-000a95bc6fae)

Pavel Kankovsky reports : Imlib affected by a variant of CAN-2004-0782 too. I've discovered more vulnerabilities in Imlib 1.9.13. In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw 1 CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt. Look at the...

FreeBSD : mozilla -- BMP decoder vulnerabilities (ab9c559e-115a-11d9-bc4a-000c41e2cdad)

Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database...

[SECURITY] [DSA 743-1] New ht packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 743-1 [email protected] http://www.debian.org/security/ Martin Schulze July 8th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 743-1] New ht packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 743-1 [email protected] http://www.debian.org/security/ Martin Schulze July 8th, 2005 http://www.debian.org/security/faq -...

Debian DSA-743-1 : ht - buffer overflows, integer overflows

Several problems have been discovered in ht, a viewer, editor and analyser for various executables, that may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1545 Tavis Ormandy of the Gentoo Linux Security Tea...

Multiple gdb GNU debugger vulnerabilities

Multiple vulnerabilities, including integer overflows...

qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests

Georgi Guninski writes: There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem not counting the memory consumtion dos, which just helps. Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wi...

[SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash

-------------------------------------------------------------------------- Debian Security Advisory DSA 701-2 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2005 http://www.debian.org/security/faq -...

CVE-2000-1219

The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows...

RHEL 2.1 / 3 : tetex (RHSA-2005:354)

Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as...

USN-99-1: PHP4 vulnerabilities

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files...

CVE-2005-0639

CVE-2005-0639 (and CVE-2005-0638) affect the xli image viewer prior to 1.17. The vulnerabilities arise from buffer management errors in processing certain image properties and possible integer overflows in PPM files, which may allow a remote attacker to execute arbitrary code. Several advisories ...

CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files...

CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files...

CVE-2005-0467

Multiple integer overflows in the 1 sftppktgetstring and 2 fxpreaddirrecv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been...

CVE-2005-0467

Multiple integer overflows in the 1 sftppktgetstring and 2 fxpreaddirrecv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been...

security flaw

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889...