CVE-2009-0475

Integer underflow in the Huffman decoding functionality pvmp3huffmanparsing.cpp in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service process crash and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption...

OpenCORE pvmp3_huffman_parsing.cpp MP3文件解析整数下溢漏洞

BUGTRAQ ID: 33673 CVECAN ID: CVE-2009-0475 OpenCORE是开放源码的多媒体解码子系统。 OpenCORE的pvmp3huffmanparsing.cpp文件在Huffman解码期间存在整数下溢，导致在写入到堆分配缓冲区时出现错误的边界检查。如果用户受骗打开了恶意的mp3文件，就可以触发这个溢出，导致播放器崩溃或执行任意代码。 Android Open Source Project OpenCORE = 2.0 厂商补丁： Android Open Source Project ---------------------------...

[oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding

2009-002 OpenCORE insufficient bounds checking during MP3 decoding Description: OpenCORE, an open source multimedia decoding subsystem, suffers from an integer underflow during Huffman decoding resulting in improper bounds checking when writing to a heap allocated buffer. Decoding a specially...

CVE-2008-5241

Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...

CVE-2008-5241

Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...

MS08-040: Microsoft SQL Server Multiple Privilege Escalation (941203) (uncredentialed check)

The remote host is running a version of Microsoft SQL Server, Desktop Engine, or Internal Database that is affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to improper initialization of memory pages when reallocating memory. An unauthenticated, remote...

Gentoo Security Advisory GLSA 200710-19 (sleuthkit)

The remote host is missing updates announced in advisory GLSA 200710-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200710-19 (sleuthkit)

The remote host is missing updates announced in advisory GLSA 200710-19. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibTIFF 'tif_lzw.c'远程整数下溢漏洞

BUGTRAQ ID:30832 CVE ID：CVE-2008-2327 CNCVE ID：CNCVE-20082327 LibTiff是一款负责对TIFF图象格式进行编码/解码的应用库。 LibTIFF 'tiflzw.c'存在整数下溢问题，远程攻击者可以利用漏洞以链接此库的应用程序权限执行任意指令。 libtiff/tiflzw.c代码中的"LZWDecode"和"LZWDecodeCompat"函数存在错误，通过构建特殊的TIFF文件，诱使用户访问，可触发缓冲区下溢，导致以链接此库的应用程序权限执行任意指令。 LibTIFF LibTIFF 3.8.2 + Debian Linu...

CVE-2008-3175

Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow...

CVE-2008-3175

Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow...

CentOS 3 : rdesktop (CESA-2008:0576)

Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft...

RHEL 3 : rdesktop (RHSA-2008:0576)

Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft...

RHEL 4 : rdesktop (RHSA-2008:0725)

Updated rdesktop packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and...

RHEL 5 : rdesktop (RHSA-2008:0575)

An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft...

rdesktop security update

CentOS Errata and Security Advisory CESA-2008:0576 Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for...

rdesktop security update

CentOS Errata and Security Advisory CESA-2008:0575 An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for...

Moderate: Red Hat Security Advisory: rdesktop security update

Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft...

rdesktop: iso_recv_msg() Integer Underflow Vulnerability

Integer underflow in the isorecvmsg function iso.c in rdesktop 1.5.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Remote Desktop Protocol RDP request with a small length field...

rdesktop: iso_recv_msg() Integer Underflow Vulnerability

Integer underflow in the isorecvmsg function iso.c in rdesktop 1.5.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Remote Desktop Protocol RDP request with a small length field...