3114 matches found
vlc multiple security vulnerabilities
Integer overflows, buffer overflows...
Ubuntu 14.04 LTS : GNU binutils vulnerabilities (USN-2496-1)
"The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2496-1 advisory. Michal Zalewski discovered that the setupgroup function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could u...
USN-2496-1: GNU binutils vulnerabilities
Michal Zalewski discovered that the setupgroup function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could use this to craft input that could cause a denial of service application crash or possibly execute arbitrary code. CVE-2014-8485 Hanno Böck...
DEBIAN-CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service out-of-bounds read or memory corruption or possibly have unspecified other impact via a crafted cmap SFNT table...
CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service out-of-bounds read or memory corruption or possibly have unspecified other impact via a crafted cmap SFNT table...
CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service out-of-bounds read or memory corruption or possibly have unspecified other impact via a crafted cmap SFNT table...
CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service out-of-bounds read or memory corruption or possibly have unspecified other impact via a crafted cmap SFNT table...
UBUNTU-CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service out-of-bounds read or memory corruption or possibly have unspecified other impact via a crafted cmap SFNT table...
OracleVM 2.2 : glibc (OVMSA-2015-0024) (GHOST)
The remote OracleVM system is missing necessary patches to address critical security updates : - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin - Fix parsing of numeric hosts ...
Internet Bug Bounty: Multiple Python integer overflows
These bugs were reported directly to the Python dev team. http://bugs.python.org/issue23369 http://bugs.python.org/issue23365 http://bugs.python.org/issue23364 http://bugs.python.org/issue23366 http://bugs.python.org/issue23363 http://bugs.python.org/issue23490 http://bugs.python.org/issue23362...
Oracle Solaris Third-Party Patch Update : gtk (cve_2012_2370_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the readbitmapfiledata function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service application crash via a negative 1 height or 2 width in ...
Oracle Solaris Third-Party Patch Update : libxslt (cve_2012_2807_numeric_errors)
The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified...
Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_1173_numeric_errors)
The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in tiffgetimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the 1 gtTileSeparate or 2...
Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org2)
The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a...
SuSE 11.3 Security Update : xorg-x11-server (SAT Patch Number 10108)
The XOrg X11 server was updated to fix 12 security issues : - Denial of service due to unchecked malloc in client authentication. CVE-2014-8091 - Integer overflows calculating memory needs for requests. CVE-2014-8092 - Integer overflows calculating memory needs for requests in GLX extension...
CVE-2014-6272
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferadd, 2...
xorg-server: multiple issues
CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...
CVE-2014-8093
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request to th...
CVE-2014-8093
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request to th...
CVE-2014-8092
Multiple integer overflows in X.Org X Window System aka X11 or X X11R1 and X.Org Server aka xserver and xorg-server before 1.16.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request to the 1 ProcPutImage, 2 GetHosts, 3...