Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability

Calyptix Security Advisory CX-2007-001 Date: 01/11/2007 http://www.calyptix.com/ http://labs.calyptix.com/advisories/CX-2007-01.txt Overview Snort 2.6.1.2 is vulnerable to an integer underflow that allows a remote attacker to cause Snort to read beyond a specified length of memory, potentially...

Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)

Solaris 10 sysinfo2 - Local Kernel Memory Disclosure 2 / $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count...

Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)

/ $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1...

security flaw

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

CVE-2006-3768

CVE-2006-3768 affects FileCOPA FTP Server (filecpnt.exe) prior to version 1.01; an integer underflow on long directory arguments to CWD, DELE, MDTM, or MKD triggers a stack-based buffer overflow, enabling arbitrary code execution. CERT reports remote exploitation possible with anonymous access; S...

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

CVE-2006-3824

systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness...

Heap buffer overwrite on malformed VCard — Mozilla

A VCard attachment with a malformed base64 field such as a photo can trigger a heap buffer overwrite. These have proven exploitable in the past, though in this case the overwrite is accompanied by an integer underflow that would attempt to copy more data than the typical machine has, leading to a...

RHEL 2.1 / 3 / 4 : freetype (RHSA-2006:0500)

Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several...

freetype security update

CentOS Errata and Security Advisory CESA-2006:0500-01 Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, an...

freetype security update

CentOS Errata and Security Advisory CESA-2006:0500 Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and...

security flaw

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

Moderate: Red Hat Security Advisory: freetype security update

Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several...

freetype -- LWFN Files Buffer Overflow Vulnerability

SecurityTracker reports: A vulnerability was reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted font file that, when loaded by the target user's system, will trigger an integer underflow or integer...

Mandrake Linux Security Advisory : freetype2 (MDKSA-2006:099-1)

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values. CVE-2006-0747 Multiple integer overflows in...

FreeType - .TTF File Remote Buffer Overflow

FreeType - .TTF File Remote Buffer Overflow source: https://www.securityfocus.com/bid/18326/info FreeType is prone to a buffer-overflow vulnerability. This issue is due to an integer-underflow that results in a buffer being overrun with attacker-supplied data. This issue allows remote attackers t...

FreeType - '.TTF' File Remote Buffer Overflow

source: https://www.securityfocus.com/bid/18326/info FreeType is prone to a buffer-overflow vulnerability. This issue is due to an integer-underflow that results in a buffer being overrun with attacker-supplied data. This issue allows remote attackers to execute arbitrary machine code in the...

Integer overflow

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...