114 matches found
Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:137)
Multiple vulnerabilities has been found and corrected in freetype2 : Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519. A heap buffer overflow was discovered in the bytecode support. T...
VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates
a. Service Console update for COS kernel Updated COS package 'kernel' addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286,...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4634
The CVE-2009-4634 issue is a vulnerability in FFmpeg 0.5 involving multiple integer underflows that allow a remote attacker to cause a denial of service and potentially execute arbitrary code via crafted files. Specifically, one vector bypasses a validation in vorbis_dec.c causing a stack pointer...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
Mandriva Update for krb5 MDVSA-2010:006 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:006 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
MIT's Kerberos 5 Patched
A patch for the MIT’s Kerberos 5 implementation is to fix integer underflows in the functions for decrypting AES and RC4 ciphertexts. Read the full article. The H Security...
Mandriva Linux Security Advisory : krb5 (MDVSA-2010:006)
A vulnerability has been found and corrected in krb5 : Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly...
CVE-2009-4212
Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by providing ciphertext with a...
CVE-2009-4212
Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by providing ciphertext with a...
CVE-2009-4212
Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by providing ciphertext with a...
CVE-2009-4212
Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by providing ciphertext with a...
CVE-2008-3827
Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...
CVE-2008-3827
Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...
CVE-2008-3827
CVE-2008-3827 affects MPlayer 1.0_rc2 and earlier, due to multiple integer underflows in the Real demuxer (demux_real.c) that can cause a remote attacker to read/write arbitrary memory via a crafted Real Media file, potentially leading to code execution or process termination. The vulnerability a...
CVE-2008-3827
Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...
CVE-2008-3144
Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...