FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c)

freedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most...

Multiple vulnerabilities in libelf PV kernel handling

ISSUE DESCRIPTION The ELF parser used by the Xen tools to read domains' kernels and construct domains has multiple integer overflows, pointer dereferences based on calculations from unchecked input values, and other problems. This corresponds to the following CVEs: CVE-2013-2194 XEN XSA-55 intege...

PT-2013-1159 · Mesa +4 · Mesa-Libgl +6

Name of the Vulnerable Software and Affected Versions: Mesa versions prior to 9.1.1 Mesa versions 6.5.1 Mesa-libGL versions 6.5.1 through 9.0 Mesa-libGLU versions 6.5.1 through 9.0 Mesa-libOSMesa versions 6.5.1 through 9.0 xorg-server versions prior to 1.14.3-r2 Description: The issue is related ...

[SECURITY] [DSA 2693-1] libx11 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2693-1 [email protected] http://www.debian.org/security/ Raphael Geissert May 24, 2013 http://www.debian.org/security/faq -...

RHEL 6 : mesa (RHSA-2013:0897)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0897 advisory. - Mesa: Memory corruption OOB read/write on intel drivers CVE-2013-1872 - Mesa: Multiple integer overflows leading to heap-based bufer...

Debian DSA-2693-1 : libx11 - several vulnerabilities

Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...

[SECURITY] [DSA 2690-1] libxxf86dga security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2690-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2684-1] libxrandr security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2684-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2677-1] libxrender security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2677-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2683-1] libxi security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2683-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2685-1] libxp security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2685-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2679-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2674-1] libxv security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2681-1] libxcursor security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2681-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2688-1] libxres security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2688-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2675-2] libxvmc regression update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2675-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 24, 2013 http://www.debian.org/security/faq -...

CVE-2013-3561

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service loop or application crash via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector...

CVE-2013-3561

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service loop or application crash via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector...

CVE-2013-3561

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service loop or application crash via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector...

CVE-2013-3561

Wireshark 1.8.x vulnerable to CVE-2013-3561 (and related in the list) due to multiple integer overflows in the Websocket, MySQL, and ETCH dissectors when processing malformed packets. Affected version: Wireshark 1.8.x prior to 1.8.7. Impact: remote denial of service via loop or application crash....