MGASA-2015-0308 Updated ghostscript package fixes security vulnerability

GhostScript is vulnerable to an integer overflow when processing a crafted PostScript file using the ps2pdf command CVE-2015-3228...

Dell Netvault Backup Integer Overflow Vulnerability

Dell Netvault Backup is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Updated ufraw & dcraw packages fix CVE-2015-3885

Updated dcraw and ufraw packages fix security vulnerability: The dcraw tool suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A maliciously craft...

[ MDVSA-2015:090 ] libpng

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:090 http://www.mandriva.com/en/support/security/ Package : libpng Date : March 28, 2015 Affected: Business Server 2.0 Problem Description: Updated libpng package fixes security vulnerabilities: The...

Debian: Security Advisory (DSA-3047-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2015:0870-1 Security update for kvm

kvm has been updated to fix issues in the embedded qemu: CVE-2014-0223: An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could have used this flaw to corrupt QEMU process memory on the host...

MGASA-2014-0351 Updated busybox packages fix CVE-2014-4607

Updated busybox packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. Busybox bundles part ...

Updated liblzo packages fix CVE-2014-4607

Updated liblzo packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker CVE-2014-4607...

Apple Mac OS X 10.4.x Mach-O Binary Loading Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21291/info Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries. A successful exploit would allow a local attacker to...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0632-1)

Mozilla Firefox was updated to version 3.6.10, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. So...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378)

This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-base...

RedHat Update for pixman RHSA-2013:1869-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2820-1 (nspr - integer overflow)

It was discovered that NSPR, Netscape Portable Runtime library, could crash an application using the library when parsing a certificate that causes an integer overflow. This flaw only affects 64-bit systems. OpenVAS Vulnerability Test $Id: deb2820.nasl 6611 2017-07-07 12:07:20Z cfischer $...

Mozilla Firefox Integer Overflow Vulnerability-01 (Nov 2013) - Windows

Mozilla Firefox is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

CVE-2013-3195

The DSAInsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allo...

CVE-2013-3195

The CVE-2013-3195 vulnerability affects the Windows common control library, specifically the DSA_InsertItem function in Comctl32.dll. It describes an integer/ memory allocation overflow that could allow remote code execution when a crafted value is supplied to an ASP.NET web application, affectin...

ImageMagick Integer Overflow Vulnerability - 01 June13 (Windows)

The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln01jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 01 June13 Windows Authors: Thanga Prakash S...

ImageMagick < 6.7.5-9 Integer Overflow Vulnerability (Jun 2013) - Windows

ImageMagick is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MGASA-2013-0172 Updated php packages fix security vulnerabilies

Heap based buffer overflow in quotedprintableencode in PHP before version 5.4.16 CVE-2013-2110. Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service applicati...

Fedora 17 : OpenImageIO-1.0.11-2.fc17 / gdal-1.9.1-14.fc17.1 / leptonica-1.69-5.fc17 / etc (2013-1473)

Security libwebp release, where an integer overflow allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted WebP image. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...