SUSE-SA:2006:063: Qt

The remote host is missing the patch for the advisory SUSE-SA:2006:063 Qt. Multiple integer overflows have been found in image processing functions within the Qt class library, used for instance by the web browser 'konqueror' and its rendering engine 'khtml'. These problems could potentially lead...

Mandrake Linux Security Advisory : wv (MDKSA-2006:202)

Multiple integer overflows in the WV library in wvWare formerly mswordview before 1.2.3, as used by AbiWord?, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word DOC file that produces 1 large LFO clfolvl values in the...

Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:006)

Several integer overflows were discovered in the OpenOffice.org WMF file processor. An attacker could create a carefully crafted WMF file that would cause OpenOffice.org to execute arbitrary code when opened. Updated packages are patched to address this issue. %NASLMINLEVEL 70300 C Tenable Networ...

SUSE-SA:2006:037: freetype2, freetype2-devel

The remote host is missing the patch for the advisory SUSE-SA:2006:037 freetype2, freetype2-devel. The freetype2 library renders TrueType fonts for open source projects. More than 900 packages on SUSE Linux use this library. Therefore the integer overflows in this code found by Josh Bressers and...

GLSA-200701-07 : OpenOffice.org: EMF/WMF file handling vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-07 OpenOffice.org: EMF/WMF file handling vulnerabilities John Heasman of NGSSoftware has discovered integer overflows in the EMRPOLYPOLYGON and EMRPOLYPOLYGON16 processing and an error within the handling of METAESCAPE...

Mac OS X / Apple Finder multiple file system parsing vulnerabilities

Buffer overflow on oversized DMG volume label in Apple Finder. Integer overflows on UFS DMG image parsing. DoS on processing UFS and HFS+ volumes...

OpenOffice.org: EMF/WMF file handling vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered integer overflows in the EMRPOLYPOLYGON and...

X.org / XFree68 multiple integer overflows

Integer overflow in DBE and Renderer extensions...

[USN-403-1] X.org vulnerabilities

=========================================================== Ubuntu Security Notice USN-403-1 January 09, 2007 xorg, xorg-server vulnerabilities CVE-2006-6101, CVE-2006-6102, CVE-2006-6103 =========================================================== A security issue affects the following Ubuntu...

Microsoft VML buffer overflow

Buffer overflow and integer overflows on Vector Markup Language parsing. May be used for hidden malware installation...

CVE-2006-5870

Multiple integer overflows in OpenOffice.org OOo 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted a WMF or b EMF file that triggers heap-based buffer overflows in 1 wmf/winwmf.cxx,...

CVE-2006-5870

Multiple integer overflows in OpenOffice.org OOo 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted a WMF or b EMF file that triggers heap-based buffer overflows in 1 wmf/winwmf.cxx,...

CVE-2006-5870

Multiple integer overflows in OpenOffice.org OOo 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted a WMF or b EMF file that triggers heap-based buffer overflows in 1 wmf/winwmf.cxx,...

Mandrake Linux Security Advisory : ImageMagick (MDKSA-2006:155)

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. CVE-2006-3743 Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that...

GLSA-200612-01 : wv library: Multiple integer overflows

The remote host is affected by the vulnerability described in GLSA-200612-01 wv library: Multiple integer overflows The wv library fails to do proper arithmetic checks in multiple places, possibly leading to integer overflows. Impact : An attacker could craft a malicious file that, when handled...

Important xorg-x11 security update

6.8.2-1.EL.13.37.2.1 - Add oracle detection to Imake and xprint 6.8.2-1.EL.13.37.2 - Fix for CID font parser integer overflows. CVE-2006-3470, 204548 - Remove withalternateprojectroot macros...

OWASP JBroFuzz 0.3 Fuzzer Released!

JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. Apart from fancy terminology, JBroFuzz 0.3 has inbuilt the following Generators ready to be used: basic cross site scripting checks XSS basic S...

Moderate ImageMagick security update

6.0.7.1-16 - fix more integer overflows 202771, CVE-2006-4144 6.0.7.1-15 - fix several integer and buffer overflows 202193, CVE-2006-3743...

CVE-2006-5937

Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted 1 CAB or 2 RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information...

CVE-2006-5937

CVE-2006-5937 relates to multiple integer overflows in Grisoft AVG Anti-Virus prior to 7.1.407. The vulnerability allows remote attackers to execute arbitrary code by supplying crafted CAB or RAR archives that trigger a heap-based buffer overflow. Publicly included references note this involves r...