CentOS 6 : t1lib (CESA-2012:0062)

Updated t1lib packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

BitDefender Internet Security 2011 - Pointer Vulnerability

Document Title: =============== BitDefender Internet Security 2011 - Pointer Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=149 Release Date: ============= 2012-01-26 Vulnerability Laboratory ID VL-ID: ====================================...

t1lib: Invalid pointer dereference via crafted Type 1 font

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

Debian DSA-2388-1 : t1lib - several vulnerabilities

Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts. - CVE-2010-2642 A heap-based buffer overflow in the AFM font metrics parser potentially leads to the executio...

[SECURITY] [DSA 2388-1] t1lib security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2388-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 14, 2012 http://www.debian.org/security/faq -...

Apache 2.2 - Scoreboard Invalid Free On Shutdown

Source: http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/ Introduction Apache 2.2 webservers may use a shared memory segment to share child process status information scoreboard between the child processes and the parent process running as root. A child running with lowe...

Kaspersky Internet Security Memory Corruption Vulnerability

Kaspersky Internet Security Memory Corruption Vulnerability Vulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. A Memory Corruption vulnerability is detected on Kaspersky Internet Security 2011/20...

CentOS Update for pidgin CESA-2009:1535 centos3 i386

Check for the Version of pidgin OpenVAS Vulnerability Test CentOS Update for pidgin CESA-2009:1535 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS Update for finch CESA-2009:1536 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for wireshark CESA-2010:0360 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

kernel: panic in ib_cm:cm_work_handler

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...

MITKRB5-SA-2011-004 kadmind invalid pointer free() [CVE-2011-0285]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-004 MIT krb5 Security Advisory 2011-004 Original release: 2011-04-12 Last update: 2011-04-12 Topic: kadmind invalid pointer free CVE-2011-0285 CVSSv2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2 Base Score: 10 Access...

Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

kernel: panic in ib_cm:cm_work_handler

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...

Integer overflow

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...

CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

Race condition

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...

Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within js3250.dll. In the...

acroread: critical APSB11-03

The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compressio...

CVE-2011-0599

The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compressio...