Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : pixman vulnerability (USN-2047-1)

Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

Ubuntu: Security Advisory (USN-2047-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2047-1: pixman vulnerability

Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash...

Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow", 'Description' = %q This module exploits a vulnerability on the...

MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow

This Metasploit module exploits a vulnerability on the CardSpaceClaimCollection class from the icardie.dll ActiveX control. The vulnerability exists while the handling of the CardSpaceClaimCollection object. CardSpaceClaimCollections stores a collection of elements on a SafeArray and keeps a size...

MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow", 'Description' = %q This module exploits a vulnerability on the...

MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow

This module exploits a vulnerability on the CardSpaceClaimCollection class from the icardie.dll ActiveX control. The vulnerability exists while the handling of the CardSpaceClaimCollection object. CardSpaceClaimCollections stores a collection of elements on a SafeArray and keeps a size field,...

MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow

This security update resolves a privately reported vulnerability that is currently being exploited. The vulnerability exists in the InformationCardSigninHelper Class ActiveX control. The vulnerability could allow remote code execution if a user views a specially crafted webpage with Internet...

PT-2013-1076 · Pixman +4 · Pixman +4

Name of the Vulnerable Software and Affected Versions: pixman versions prior to 0.32.0 pixman version 0.22.0 Description: The issue is related to an integer underflow in the pixman trapezoid valid macro in pixman.h in Pixman, which can be exploited to cause a denial of service crash via a negativ...

PT-2014-3109 · X.Org +5 · X.Org +5

Name of the Vulnerable Software and Affected Versions: X.Org affected versions not specified Description: The issue is related to an integer underflow in the xTrapezoidValid macro, which can be exploited by context-dependent attackers to cause a denial of service, resulting in a crash. This can b...

Amazon Linux AMI : openssl (ALAS-2012-85)

An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS Datagram Transport Layer Security application data record lengths when using a block cipher in CBC cipher-block chaining mode. A malicious DTLS client or server could use this flaw to crash its DTL...

CA ARCserve Backup for Laptops and Desktops Server, CA Protection Suite, and CA Desktop Management Suite Integer Underflow

According to the version of rxRPC.dll installed on the remote host, the Computer Associates product is affected by an integer underflow vulnerability that could allow a remote attacker to cause the LGServer service to crash or execute arbitrary code. C Tenable Network Security, Inc...

Oracle Linux 3 : rdesktop (ELSA-2008-0576)

From Red Hat Security Advisory 2008:0576 : Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft...

Oracle Linux 4 : file (ELSA-2007-0124)

From Red Hat Security Advisory 2007:0124 : An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particul...

Oracle Linux 5 : gzip (ELSA-2010-0061)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2010-0061 advisory. 1.3.5-11.0.1.el54.1 - Updated description in specfile to be product neutral 1.3.5-11:.1 - Added fix for CVE-2010-0001: 64 bit Integer underflow by decompressing...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2025)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2025 advisory. - Apply new fix for CVE-2011-1576. - net: Fix memory leak/corruption on VLAN GRODROP CVE-2011-1576 - iommu-api: Extension to check for interrupt...

Oracle Linux 5 : Important: / kernel (ELSA-2007-0993)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0993 advisory. - CVE-2007-4571 ALSA memory disclosure flaw - Tick divider bugs on x8664 - CVE-2007-5494 openOATOMICLOOKUP leaks dentry - PATCH jbd: wait for already...

PT-2013-3486 · None +2 · Autotrace +1

Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 ALT Linux affected versions not specified Description: The issue is related to an integer underflow in the input bmp reader function, which can be triggered by a small value in the biSize field of a BMP file header...

OpenSSL AES-NI Integer Underflow (CVE-2012-2686)

An integer underflow vulnerability has been reported in OpenSSL...

SuSE 11.2 Security Update : Acrobat Reader (SAT Patch Number 7734)

Acrobat Reader has been updated to version 9.5.5. The Adobe Advisory can be found at: https://www.adobe.com/support/security/bulletins/apsb13-15.html These updates resolve : - memory corruption vulnerabilities that could lead to code execution. CVE-2013-2718 / CVE-2013-2719 / CVE-2013-2720 /...