CVE-2005-2450
CVE-2005-2450 affects ClamAV up to version 0.86.1, with multiple integer overflows in the TNEF, CHM, and FSG file format processors within libclamav. The vulnerability allows a remote attacker to gain privileges by sending a crafted e-mail message, as stated by multiple advisories. The dependency...
CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message...
GLSA-200507-25 : Clam AntiVirus: Integer overflows
The remote host is affected by the vulnerability described in GLSA-200507-25 Clam AntiVirus: Integer overflows Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. Impact : By sending a specially crafted fi...
Debian DSA-767-1 : ekg - integer overflows
Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code. The library is also used by other packages such as kopete, which should be...
CVE-2005-1852
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message...
Clam AntiVirus: Integer overflows
Background Clam AntiVirus is a GPL anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. Clam AntiVirus also provides a command line scanner and a tool for fetching updates of the virus database. Description Neel Mehta and Alex Wheeler discovered that Clam...
Multiple ClamAV antivirus integer overflows
Integer overflows on multiple file formats (TNEF, CHM, FSG) parsing lead to heap corruption...
security flaw
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message...
FreeBSD : xli -- integer overflows in image size calculations (bfbbd505-3bd6-409c-8c67-445d3635cf4b)
Tavis Ormandy discovered several integer overflows in xli's image size handling. A maliciously crafted image may be able to cause a heap buffer overflow and execute arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
FreeBSD : imlib -- xpm heap buffer overflows and integer overflows (2001103a-6bbd-11d9-851d-000a95bc6fae)
Pavel Kankovsky reports : Imlib affected by a variant of CAN-2004-0782 too. I've discovered more vulnerabilities in Imlib 1.9.13. In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw 1 CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt. Look at the...
FreeBSD : mozilla -- BMP decoder vulnerabilities (ab9c559e-115a-11d9-bc4a-000c41e2cdad)
Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database...
[SECURITY] [DSA 743-1] New ht packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 743-1 [email protected] http://www.debian.org/security/ Martin Schulze July 8th, 2005 http://www.debian.org/security/faq -...
Debian DSA-743-1 : ht - buffer overflows, integer overflows
Several problems have been discovered in ht, a viewer, editor and analyser for various executables, that may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1545 Tavis Ormandy of the Gentoo Linux Security Tea...
Multiple gdb GNU debugger vulnerabilities
Multiple vulnerabilities, including integer overflows...
qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests
Georgi Guninski writes: There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem not counting the memory consumption dos, which just helps. Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wi...
[SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash
-------------------------------------------------------------------------- Debian Security Advisory DSA 701-2 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2005 http://www.debian.org/security/faq -...
CVE-2000-1219
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows...