3115 matches found
wireshark: Multiple Denial of Service flaws
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service loop or application crash via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector...
CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
CVE-2013-4511
CVE-2013-4511 concerns multiple integer overflows in the Linux kernel’s Alchemy LCD frame-buffer drivers (au1100fb_fb_mmap and au1200fb_fb_mmap). The issue allows a local attacker to craft mmap operations to create a read-write mapping of kernel memory, enabling privilege escalation. The descript...
CVE-2012-4502
Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1 REQSUBNETSACCESSED or 2 REQCLIENTACCESSES command request to the PKLCommandLength function or crafted 3 RPYSUBNETSACCESSED, 4 RPYCLIENTACCESSES, 5...
CVE-2012-4502
Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1 REQSUBNETSACCESSED or 2 REQCLIENTACCESSES command request to the PKLCommandLength function or crafted 3 RPYSUBNETSACCESSED, 4 RPYCLIENTACCESSES, 5...
CVE-2012-4502
Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1 REQSUBNETSACCESSED or 2 REQCLIENTACCESSES command request to the PKLCommandLength function or crafted 3 RPYSUBNETSACCESSED, 4 RPYCLIENTACCESSES, 5...
CVE-2013-4397
Multiple integer overflows in the thread function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 name or 2 link in an archive, which triggers a heap-based buffer overflow...
CVE-2013-4332
Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...
CVE-2013-4332
Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...
CVE-2013-4332
Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...
glibc security and bug fix update
2.5-118.2 - Fix integer overflows in valloc and memalign. 1011804. 2.5-118.1 - Add support for newer L3 caches on x86-64 and correctly count the number of hardware threads sharing a cacheline 1011424...
[slackware-security] glibc (SSA:2013-260-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security glibc SSA:2013-260-01 New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Memory corruptions, integer overdlows, privilege escalations, code executions, information leakage...
[slackware-security] glibc
New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/glibc-2.15-i486-8slack14.0.txz: Rebuilt. Patched to fix integer overflows in pvalloc, valloc, and...
Debian: Security Advisory (DSA-2462-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2462-2 (imagemagick - several vulnerabilities)
Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb24622.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory D...
CVE-2013-3077
Multiple integer overflows in the IPMSFILTER and IPV6MSFILTER features in 1 sys/netinet/inmcast.c and 2 sys/netinet6/in6mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write...