3104 matches found
Fedora 10 : argyllcms-1.0.3-4.fc10 (2009-3435)
Multiple integer overflows and multiple insufficient upper-bounds checks on certain variable sizes were originally discovered in Ghostscript's International Color Consortium Format Library (icclib). It was found that the original patch addressing this issue was incomplete. Note that Tenable Networ...
FreeBSD : tiff -- multiple integer overflows (3897a2f8-1d57-11d9-bc4a-000c41e2cdad)
Dmitry V. Levin discovered numerous integer overflow bugs in libtiff. Most of these bugs are related to memory management, and are believed to be exploitable for arbitrary code execution. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : lcms vulnerabilities (USN-744-1)
Chris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. (CVE-2009-0581) Chris Evans...
Fedora 10 : ghostscript-8.63-6.fc10 (2009-3709)
This update fixes several security flaws: CVE-2009-0792 (multiple integer overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in pdfwrite device). Note that Tenable Network Security has extracted the...
Mandriva Linux Security Advisory : glib2.0 (MDVSA-2009:080)
Multiple integer overflows in GLib's Base64 encoding and decoding functions enable attackers (possibly remote ones, depending on the applications glib2 is linked against, mostly GNOME ones) either to cause denial of service or to execute arbitrary code via an untrusted input (CVE-2008-4316)...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : ghostscript, gs-esp, gs-gpl vulnerabilities (USN-757-1)
It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program...
CVE-2009-0147
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3)...
Mandriva Linux Security Advisory : python (MDVSA-2009:003)
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different...
Fedora 10 : ghostscript-8.63-5.fc10 (2009-2885)
Security update for integer overflows (CVE-2009-0583) and upper bounds checks (CVE-2009-0584) in the ICC profile handling. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and form...
Mandriva Linux Security Advisory : python (MDVSA-2008:163)
Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows (CVE-2008-1679). This was due to an incomplete fix for...
FreeBSD : xpdf -- multiple vulnerabilities (a21037d5-2c38-11de-ab3b-0017a4cccfc6)
Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and...
Ubuntu USN-757-1 (gs-gpl)
The remote host is missing an update to gs-gpl announced via advisory USN-757-1. OpenVAS Vulnerability Test $Id: ubuntu7571.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-757-1 gs-gpl Authors: Thomas Rein...
Fedora Core 9 FEDORA-2009-3710 (ghostscript)
The remote host is missing an update to ghostscript announced via advisory FEDORA-2009-3710. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) b...
Ubuntu: Security Advisory (USN-757-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: freetype2
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora Core 10 FEDORA-2009-3709 (ghostscript)
The remote host is missing an update to ghostscript announced via advisory FEDORA-2009-3709. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) b...
LittleCMS: Multiple vulnerabilities
Background: LittleCMS, or lcms for short, is a color management system for working with ICC profiles. It is used by many applications including GIMP and Firefox. Description: RedHat reported a null-pointer dereference flaw while processing monochrome ICC profiles (CVE-2009-0793). Chris Evans of Google...
DEBIAN-CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c...
CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c...