CVE-2012-6056

Integer overflow in the dissectsackchunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a crafted Duplicate TSN count...

CVE-2012-1173

Multiple integer overflows in tiffgetimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the 1 gtTileSeparate or 2 gtStripSeparate function, leading to a heap-based buffer overflow...

Fedora 16 : libreoffice-3.4.5.2-15.fc16 (2012-8042)

CVE-2012-1149 An integer overflow vulnerability in LibreOffice graphic loading code Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 15 : libpng10-1.0.57-1.fc15 (2012-2008)

This update addresses an integer overflow in the libpng10 PNG library, which could lead to the execution of arbitrary code if a malformed image is processed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

CVE-2012-0864

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

Ubuntu Update for openjdk-6 USN-1263-2

Ubuntu Update for Linux kernel vulnerabilities USN-1263-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN12632.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for openjdk-6 USN-1263-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu: Security Advisory (USN-1263-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1340-1: Linux kernel (Oneiric backport) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...

Preemptive Protection against MPlayer for Windows Calloc Integer Overflow

An integer overflow vulnerability has been reported in MPlayer for Windows...

VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Linux)

The host is installed with VLC Media Player and is prone integer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodvlcmediaplayerxspfintoverflowvulnlin.nasl 7015 2017-08-28 11:51:24Z teissa $ VLC Media Player XSPF Playlist Integer Overflow Vulnerability Linux Authors: Shashi Kiran N...

VideoLAN Releases VLC Media Player 1.1.10

VideoLAN has released VLC Media Player 1.1.10 to address an integer overflow vulnerability in the xspf demuxer. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the release notes for VLC Media Player 1.1.10 a...

CVE-2011-1843

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers...

Integer overflow

Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability....

MS11-031: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)

The installed version of the JScript and VBScript scripting engines contains an integer overflow vulnerability that can occur when the scripting engines process a script in a web page and attempt to reallocate memory while decoding the script. If an attacker can trick a user on the affected syste...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7208)

This update brings Mozilla Firefox to version 3.5.15, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...

Winamp < 5.59 build 3033 Multiple Vulnerabilities

The remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is earlier than 5.59 build 3033. Such versions are potentially affected by multiple vulnerabilities : - Winamp loads libraries in an insecure manner. CVE-2010-3137 - An integer overfl...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7083)

Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random. Since the pseudo-random number generator was only seeded once per browsing session,...

openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)

This update brings Mozilla Thunderbird to the 3.0.6 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showe...

nsCSSValue::Array index integer overflow — Mozilla

Security researcher J23 reported via TippingPoint's Zero Day Initiative that an array class used to store CSS values contained an integer overflow vulnerability. The 16 bit integer value used in allocating the size of the array could overflow, resulting in too small a memory buffer being created...

AIX 5.3 TL 12 : bos.net.nfs.client (U830280)

The remote host is missing AIX PTF U830280, which is related to the security of the package bos.net.nfs.client. An integer overflow vulnerability was reported in the rpc.pcnfsd service within the several systems. The rpc.pcnfsd daemon handles requests from PC-NFS clients for authentication servic...