SuSE 10 Security Update : gzip (ZYPP Patch Number 6793)

The following bug has been fixed : Specially crafted gzip archives could trigger integer overflows. Attackers could exploit that to crash gzip or potentially execute arbitrary code CVE-2010-0001. Only 64bit architectures are affected by this flaw. %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 10 Security Update : libapr1 (ZYPP Patch Number 6545)

This update of libapr-util1 and libapr1 fixes multiple integer overflows that could probably be used to execute arbitrary code remotely. CVE-2009-2412 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

SuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)

This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. CVE-2010-1411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

CVE-2010-3442

Multiple integer overflows in the sndctlnew function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted 1 SNDRVCTLIOCTLELEMADD or 2...

CVE-2010-3442

Multiple integer overflows in the sndctlnew function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted 1 SNDRVCTLIOCTLELEMADD or 2...

CVE-2010-3442

Multiple integer overflows in the sndctlnew function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted 1 SNDRVCTLIOCTLELEMADD or 2...

openSUSE Security Update : libgdiplus0 (openSUSE-SU-2010:0665-1)

This update fixes three integer overflows found by Secunia Research member Stefan Cornelius that could possibly be exploited to execute arbitrary code : - 'gdiploadtiffimage' by processing specially crafted TIFF images - 'gdiploadjpegimageinternal' by processing specially crafted JPEG images -...

openSUSE Security Update : libgdiplus0 (openSUSE-SU-2010:0665-1)

This update fixes three integer overflows found by Secunia Research member Stefan Cornelius that could possibly be exploited to execute arbitrary code : - 'gdiploadtiffimage' by processing specially crafted TIFF images - 'gdiploadjpegimageinternal' by processing specially crafted JPEG images -...

Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities

Multiple memory corruptions, integer overflows, buffer overflows, code execution, crossite scripting...

libgdiplus / Mono multiple integer overflows

Multiple integer overflows on BPM, JPEG, TIFF parsing...

OpenOffice integer overflows

Integer overflows in Impress...

CVE-2010-3000

Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted 1 HXFLVMETAAMFTYPEMIXEDARRAY or 2 HXFLVMETAAMFTYPEARRAY data in an FLV file...

CVE-2010-3000

Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted 1 HXFLVMETAAMFTYPEMIXEDARRAY or 2 HXFLVMETAAMFTYPEARRAY data in an FLV file...

CVE-2010-2879

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted 1 element count or 2 element size value in a file...

Autonomy KeyView multiple security vulnerabilities

Buffer overflows, integer overflows, memory corruptions...

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...

CVE-2010-1526

CVE-2010-1526 targets libgdiplus (2.6.7) used by Mono. The vulnerability consists of three heap-based/integer overflows in image decoders: gdip_load_tiff_image() (TIFF), gdip_load_jpeg_image_internal() (JPEG), and gdip_read_bmp_image() (BMP). Successful exploitation could lead to arbitrary code e...

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...