CVE-2009-3296

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows...

Mandriva Linux Security Advisory : cups (MDVSA-2009:282-1)

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2Stream::readSymbolDictSeg, 2 JBIG2Stream::readSymbolDictSeg, and 3...

Debian Security Advisory DSA 1912-1 (camlimages)

The remote host is missing an update to camlimages announced via advisory DSA 1912-1. OpenVAS Vulnerability Test $Id: deb19121.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1912-1 camlimages Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Debian: Security Advisory (DSA-1912-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandrake Security Advisory MDVSA-2009:264 (gd)

The remote host is missing an update to gd announced via advisory MDVSA-2009:264. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

xpdf: multiple integer overflows

Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF file that trigger...

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

CVE-2009-3691

Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted 1 HostSize, and possibly 2 ProtoSize and 3 ServerSize, field that triggers a stack-based...

openSUSE 10 Security Update : OpenEXR (OpenEXR-6393)

This update of OpenEXR fixes seceral integer overflows CVE-2009-1720 and a denial-of-service probably execution of arbitrary code bug CVE-2009-1721. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

openSUSE 10 Security Update : xemacs (xemacs-6412)

Specially crafted tiff, png and jpeg images could cause integer overflows in xemacs and possible system compromise. CVE-2009-2688 Additionally two non-security bugs were fixed that enable xemacs to use the configured fonts. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

Mandrake Security Advisory MDVSA-2009:243-1 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243-1. OpenVAS Vulnerability Test $Id: mdksa20092431.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:243-1 freetype2 Authors: Thomas Reinke Copyright: Copyright c 200...

Mandrake Security Advisory MDVSA-2009:243 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:243-1 (freetype2)

The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

SuSE9 Security Update : freetype2 (YOU Patch Number 12398)

Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE 11 Security Update : libtiff (SAT Patch Number 1172)

This update of the tiff package fixes various integer overflows in the tools. CVE-2009-2347 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

SuSE 10 Security Update : Ghostscript (ZYPP Patch Number 6066)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files. CVE-2009-0583 / CVE-2009-0584 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SuSE 11 Security Update : Ghostscript (SAT Patch Number 636)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files. CVE-2009-0583 / CVE-2009-0584 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SuSE9 Security Update : e2fsprogs (YOU Patch Number 12019)

This update of e2fsprogs fixes several integer overflows in memory allocating code. Programs that use libext2fs are therefore vulnerable to memory corruptions that can lead to arbitrary code execution while loading a specially crafted image. CVE-2007-5497 %NASLMINLEVEL 70300 C Tenable Network...