741 matches found
Mandriva Linux Security Advisory : qemu (MDVSA-2008:162)
Multiple vulnerabilities have been found in Qemu. Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to...
CVE-2009-1301
Integer signedness error in the storeid3text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service out-of-bounds memory access and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtain...
CVE-2008-5259
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format STRF chunk, which triggers a heap-based buffer overflow...
CVE-2009-1301
Integer signedness error in the storeid3text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service out-of-bounds memory access and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtain...
CVE-2009-1301
Integer signedness error in the storeid3text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service out-of-bounds memory access and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtain...
CVE-2009-1301
Summary (CVE-2009-1301) : mpg123 before 1.7.2 contains an integer signedness error in the ID3v2 store_id3_text function. This flaw can be triggered by a crafted ID3 tag with a negative encoding value, leading to out-of-bounds memory access and potentially a remote code execution or denial-of-serv...
CVE-2008-5259
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format STRF chunk, which triggers a heap-based buffer overflow...
CVE-2009-1301
Integer signedness error in the storeid3text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service out-of-bounds memory access and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtain...
Mandriva Update for qemu MDVSA-2008:162 (qemu)
Check for the Version of qemu OpenVAS Vulnerability Test Mandriva Update for qemu MDVSA-2008:162 qemu Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandrake Security Advisory MDVSA-2009:077 (pam)
The remote host is missing an update to pam announced via advisory MDVSA-2009:077. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
FreeBSD Ports: ffmpeg
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
GLSA-200903-33 : FFmpeg: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200903-33 FFmpeg: Multiple vulnerabilities Multiple vulnerabilities were found in FFmpeg: astrange reported a stack-based buffer overflow in the strreadpacket in libavformat/psxstr.c when processing .str files CVE-2008-3162...
CVE-2009-0887
Integer signedness error in the pamStrTok function in libpam/pammisc.c in Linux-PAM aka pam 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...
CVE-2009-0887
Integer signedness error in the pamStrTok function in libpam/pammisc.c in Linux-PAM aka pam 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...
CVE-2009-0887
Integer signedness error in the pamStrTok function in libpam/pammisc.c in Linux-PAM aka pam 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...
CVE-2009-0887
Integer signedness error in the pamStrTok function in libpam/pammisc.c in Linux-PAM aka pam 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...
CVE-2009-0385
Summary (CVE-2009-0385): FFmpeg’s fourxm demuxer contains an integer signedness error in libavformat/4xm.c (function fourxm_read_header). Before revision 16846, this allows a remote attacker to craft a malformed 4X movie file with a large current_track value, triggering a NULL pointer dereference...
CVE-2009-0385
Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...
CVE-2009-0385
Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...
Integer overflow
Integer overflow in Ralink Technology USB wireless adapter RT73 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Probe Request packet with a long SSID,...