GLSA-200603-03 : MPlayer: Multiple integer overflows

The remote host is affected by the vulnerability described in GLSA-200603-03 MPlayer: Multiple integer overflows MPlayer makes use of the FFmpeg library, which is vulnerable to a heap overflow in the avcodecdefaultgetbuffer function discovered by Simon Kilvington see GLSA 200601-06. Furthermore,...

eStara Softphone SIP VoIP phone buffer overflow

Buffer overflow on oversized SIP packet attribute field. Integer overflows and format string bugs...

CVE-2006-0579

Multiple integer overflows in 1 the newdemuxpacket function in demuxer.h and 2 the demuxasfreadpacket function in demuxasf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this informati...

CVE-2006-0579

Multiple integer overflows in 1 the newdemuxpacket function in demuxer.h and 2 the demuxasfreadpacket function in demuxasf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this informati...

CVE-2006-0579

CVE-2006-0579 affects MPlayer up to the 1.0pre7ty2 line, due to two integer/heap overflows in ASF demuxing code: new_demux_packet in libmpdemux/demuxer.h and demux_asf_read_packet in libmpdemux/demux_asf.c. The flaws enable remote attackers to execute arbitrary code by feeding a crafted ASF file ...

Multiple Mozilla / Firefox / Thinderbird vulnerabilities

Javascript code execution, heap memory corruption with styles, memory corruption with QueryInterface, code execution with XULDocument.persist, multiple integer overflows, information leak from nsExpatDriver::ParseBuffer. Silen trojan code installation is potentially possible...

CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the 1 EscapeAttributeValue in jsxml.c for E4X, 2 nsSVGCairoSurface::Init in SVG, and 3...

CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the 1 EscapeAttributeValue in jsxml.c for E4X, 2 nsSVGCairoSurface::Init in SVG, and 3...

CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the 1 EscapeAttributeValue in jsxml.c for E4X, 2 nsSVGCairoSurface::Init in SVG, and 3...

CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the 1 EscapeAttributeValue in jsxml.c for E4X, 2 nsSVGCairoSurface::Init in SVG, and 3...

[ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows

Gentoo Linux Security Advisory GLSA 200601-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVE-2006-0474

CVE-2006-0474 affects Shareaza 2.2.1.0 with multiple integer overflows: in ReadBuffer (BTPacket.cpp, EDPacket.cpp) from large packet length fields and in Write (Packet.h) from large packets. Result: remote arbitrary code execution. Remediation: update to latest version. Affected product: Shareaza...

CVE-2006-0474

Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via 1 a large packet length field, which causes an overflow in the ReadBuffer function in a BTPacket.cpp and b EDPacket.cpp, or 2 a large packet, which causes a heap-based overflow in the Write functio...

Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows

Background Xpdf is a PDF file viewer that runs under the X Window System. Poppler is a PDF rendering library based on the Xpdf 3.0 code base. GPdf is a PDF file viewer for the GNOME 2 platform, also based on Xpdf. libextractor is a library which includes Xpdf code to extract arbitrary meta-data...

Shareaza peeer-to-peer network client multiple integer overflows

Multiple integer overflows in different functions...

Ubuntu 4.10 / 5.04 / 5.10 : xpdf/cupsys/tetex-bin/kdegraphics/koffice vulnerabilities (USN-227-1)

infamous41md discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, tetex-bin, KOffice, and kpdf. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the...

RHEL 2.1 / 3 / 4 : tetex (RHSA-2006:0160)

Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input and creates a...

Ubuntu 4.10 : php4 vulnerabilities (USN-99-1)

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

Mandrake Linux Security Advisory : binutils (MDKSA-2005:215)

Integer overflows in various applications in the binutils package may allow attackers to execute arbitrary code via a carefully crafted object file. The updated packages have been patched to help address these problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

USN-236-2: xpdf vulnerabilities in kword, kpdf

USN-236-1 fixed several vulnerabilities in xpdf. kpdf and kword contain copies of xpdf code and are thus vulnerable to the same issues. For reference, this is the original advisory: Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, a...