CVE-2009-2463

CVE-2009-2463 is a browser vulnerability described for Mozilla Firefox before 3.0.12 (and related Thunderbird/SeaMonkey components in older advisories) involving integer overflows in PL_Base64Decode/PL_Base64Encode within nsprpub/lib/libc/src/base64.c. The issue can trigger memory corruption and ...

CVE-2009-2463

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

CVE-2009-2463

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

Multiple Mozilla Firefox security vulnerabilities

Multiple memory corruptions, crossite access, integer overflows, buffer overflows...

openSUSE Security Update : finch (finch-1088)

Several bugfixes were done for the Instant Messenger Pidgin : - Malformed responses to file transfers could cause a buffer overflow in pidgin CVE-2009-1373 and specially crafted packets could crash it CVE-2009-1375. - The fix against integer overflows in the msn protocol handling was incomplete...

openSUSE Security Update : ghostscript-devel (ghostscript-devel-592)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files CVE-2009-0583, CVE-2009-0584. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : amarok (amarok-436)

This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135, CVE-2009-0136 %NASLMINLEVEL 70300 C...

openSUSE Security Update : freetype2 (freetype2-794)

Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE Security Update : ruby (ruby-123)

This update of ruby fixes : - a possible information leakage CVE-2008-1145 - a directory traversal bug CVE-2008-1891 in WEBrick - various memory corruptions and integer overflows in array and string handling CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2727,...

openSUSE Security Update : jasper (jasper-303)

Multiple, potentially dangerous integer overflows, buffer overflows and a problem with temporary files have been fixed CVE-2008-3520, CVE-2008-3521, CVE-2008-3522. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

openSUSE Security Update : python (python-360)

Integer Overflows in the python imageop module potentially allowed attackers to execute arbitrary code CVE-2008-4864. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update python-360. The text...

openSUSE Security Update : ghostscript-devel (ghostscript-devel-592)

Integer overflows and missing upper bounds checks in Ghostscript's ICC library potentially allowed attackers to crash Ghostscript or even cause execution of arbitrary code via specially crafted PS or PDF files CVE-2009-0583, CVE-2009-0584. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE Security Update : freetype2 (freetype2-794)

Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE Security Update : amarok (amarok-436)

This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135, CVE-2009-0136 %NASLMINLEVEL 70300 C...

GLSA-200907-16 : Python: Integer overflows

The remote host is affected by the vulnerability described in GLSA-200907-16 Python: Integer overflows Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the unicodeexpandtabs function in...

Fedora 11 : libtiff-3.8.2-14.fc11 (2009-7775)

CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools crash, ACE Not the same as last week's libtiff security issue ... Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

Python: Integer overflows

Background Python is an interpreted, interactive, object-oriented programming language. Description Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the unicodeexpandtabs function in...

CVE-2009-2347

Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large 1 width and 2 height values, which triggers a heap-based buffer overflow in the a cvtwholeimage...