RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)

Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability

iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Quattro Pro QPRO. This format ...

CVE-2007-5747

CVE-2007-5747 is an OpenOffice.org vulnerability (OpenOffice.org before 2.4) where an integer underflow in the Quattro Pro (QPRO) import path allows a remote attacker to crash the application and potentially execute arbitrary code by crafting values in a QPRO file. The issue can trigger an excess...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

CVE-2008-1552

The silcpkcs1decode function in the silccrypt library silcpkcs1.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS1 message, which triggers an integer...

Integer overflow

The silcpkcs1decode function in the silccrypt library silcpkcs1.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS1 message, which triggers an integer...

CVE-2008-1552

The silcpkcs1decode function in the silccrypt library silcpkcs1.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS1 message, which triggers an integer...

CVE-2008-1552

The CVE-2008-1552 issue affects the SILC Toolkit family: the silc_pkcs1_decode function in silccrypt (silcpkcs1.c) enables remote code execution via a crafted PKCS#1 message. Affected products/versions are SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2, indicati...

Debian Security Advisory DSA 659-1 (libpam-radius-auth)

The remote host is missing an update to libpam-radius-auth announced via advisory DSA 659-1. OpenVAS Vulnerability Test $Id: deb6591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 659-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Important: kernel security and bug fix update

2.6.9-67.0.1.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach Brown orabug 5760648 2.6.9-67.0.1 -kernel ieee80211 off-by-two integer underflow...

DEBIAN-CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

SuSE 10 Security Update : file (ZYPP Patch Number 3034)

An integer underflow within the ELF header parsing has been fixed which could lead to arbitrary code execution. CVE-2007-1536 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc...

Important: kernel security update

CVE-2007-4571 ALSA memory disclosure flaw - Tick divider bugs on x8664 - CVE-2007-5494 openOATOMICLOOKUP leaks dentry - PATCH jbd: wait for already submitted tsyncdatalist buffer to complete Possibility of in-place data destruction - LSPP: audit rule causes kernel 'out of memory' condition and...

kernel ieee80211 off-by-two integer underflow

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)

The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203 The Omnikey CardMan 4040 driver cm4040cs did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

CVE-2007-4997

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

CVE-2007-4997

CVE-2007-4997 affects the Linux kernel 2.6.x, including components in net/ieee80211/ieee80211_rx.c, where an off-by-two integer underflow in ieee80211_rx can crash the kernel when a runt IEEE 802.11 frame with the IEEE80211_STYPE_QOS_DATA flag is used. Impact is remote denial of service (kernel c...

CVE-2007-4622

Integer underflow in the dnsnamefromtext function in 1 libdnsnonsecure.a and 2 libdnssecure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" TSIG key command line argument to dig...