3104 matches found
security flaw
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889...
[KDE security advisory] Multiple integer overflows in kpdf
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: kpdf integer overflows Original Release Date: 2004-10-21 URL: http://www.kde.org/info/security/advisory-20041021-1.txt 0. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888...
Multiple libpng bugs
Stack overflow, NULL pointer dereference, integer overflows...
SUSE-SA:2004:038: libtiff
The remote host is missing the patch for the advisory SUSE-SA:2004:038 libtiff. libtiff is used by image viewers and web browser to view 'TIFF' images. These usually open and display those images without querying the user, making a normal system by default vulnerable to exploits of image library...
[SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 573-1 [email protected] http://www.debian.org/security/ Martin Schulze October 21st, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 561-1] New libxpm packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 561-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 560-1] New lesstif packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 560-1 [email protected] http://www.debian.org/security/ Martin Schulze October 7th, 2004 http://www.debian.org/security/faq -...
Debian DSA-313-1 : ethereal - buffer overflows, integer overflows
Timo Sirainen discovered several vulnerabilities in ethereal, a network traffic analyzer. These include one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors, and integer overflows in the Mount and PPP dissectors. %NASLMINLEVEL...
Debian DSA-165-1 : postgresql - buffer overflows
Mordred Labs and others found several vulnerabilities in PostgreSQL, an object-relational SQL database. They are inherited from several buffer overflows and integer overflows. Specially crafted long date and time input, currency, repeat data and long timezone names could cause the PostgreSQL serv...
Debian DSA-232-1 : cupsys - several vulnerabilities
Multiple vulnerabilities were discovered in the Common Unix Printing System CUPS. Several of these issues represent the potential for a remote compromise or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2002-1383: Multiple integer...
CVE-2004-0688
The OpenMotif-related entries include CVE-2004-0687 and CVE-2004-0688, with multiple OpenMotif packages (e.g., openmotif, openmotif-libs, openmotif-devel) listed in several advisories. Ubuntu/USN-27-1 and Red Hat/SUSE advisories reference these CVEs alongside broader OpenMotif fixes, indicating t...
CVE-2004-0688
Multiple integer overflows in 1 the xpmParseColors function in parse.c, 2 XpmCreateImageFromXpmImage, 3 CreateXImage, 4 ParsePixels, and 5 ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file...
gdk-pixbuf -- image decoding vulnerabilities
Chris Evans discovered several flaws in the gdk-pixbuf XPM image decoder: Heap-based overflow in pixbufcreatefromxpm Stack-based overflow in xpmextractcolor Integer overflows in io-ico.c Some of these flaws are believed to be exploitable...
mozilla -- BMP decoder vulnerabilities
Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution...
SUSE-SA:2004:028: kernel
The remote host is missing the patch for the advisory SUSE-SA:2004:028 kernel. Various signedness issues and integer overflows have been fixed within kNFSd and the XDR decode functions of kernel 2.6. These bugs can be triggered remotely by sending a package with a trusted source IP address and a...
CVE-2004-0599
CVE-2004-0599 describes multiple integer overflow vulnerabilities in libpng up to version 1.2.5 and earlier, affecting the PNG reading paths (png_read_png in pngread.c, png_handle_sPLT in pngrutil.c, and progressive display reading). Exploitation could allow a remote attacker to crash the applica...
CVS 1.11.x - Multiple Vulnerabilities
CVS 1.11.x - Multiple Vulnerabilities // source: https://www.securityfocus.com/bid/10499/info CVS is prone to multiple vulnerabilities. The issues include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patc...
CVS 1.11.x - Multiple Vulnerabilities
// source: https://www.securityfocus.com/bid/10499/info CVS is prone to multiple vulnerabilities. The issues include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patch for BID 10384, potentially leading t...
ASN.1 Multiple Integer Overflows (SMTP check)
The remote Windows host has an ASN.1 library with multiple integer overflow vulnerabilities. These issues could lead to a heap-based buffer overflow. A remote attacker could exploit these issues to execute arbitrary code. This particular check sent a malformed SMTP authorization packet and...
CVE-2003-0818
CVE-2003-0818 covers a heap-based overflow in the Microsoft ASN.1 library (MSASN1.DLL) used by Windows components (LSASS.EXE, CRYPT32.DLL) on Windows NT 4.0/2000/XP. The vulnerability affects BER decoding of ASN.1 data, with two vectors: (1) very large length fields overwriting heap data, and (2)...