5568 matches found
gimp security update
CentOS Errata and Security Advisory CESA-2007:0343-01 Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP (GNU Image Manipulation Program) is an...
CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
Buffer overflow
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
DEBIAN-CVE-2007-1387
The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...
USN-435-1: Xine vulnerability
Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges...
knorrede-sql.txt
Author: Sebastian Bauer Web: http://blog.gjl-network.net Date: 01/12/07 Vuln. website: http://www.knorr.de Vulnerability: SQL Injection mainly login authentication bypass + any other SQL inj. possibility, XSS Significance: Very Critical...
MDKA-2006:030 : imlib2
The tiff loader from imlib2 crashes when processing images on the x86_64 platform. This was reported when using digikam on x86_64, which uses this loader. Updated packages are provided that correct the issue. This script has been deprecated as the associated patch ...
Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...
Moderate: gtk2 security update
2.4.13-22 - Fix a problem with the pixbuf loader closing patch 2.4.13-21 - Make update scripts handle slight variations in 2.4.13-20 - Fix error handling in pixbuf loaders 218932, CVE-2007-0010...
USN-410-1: poppler vulnerability
The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafted PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library. kpdf in Ubuntu 5.10, and KOffice i...
Design/Logic Flaw
ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader with a modified defineClass method that saves the bytecode to a file before it is passed to the JVM...
CVE-2007-0014
ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader with a modified defineClass method that saves the bytecode to a file before it is passed to the JVM...
CVE-2007-0014
The CVE-2007-0014 issue concerns ChainKey Java Code Protection. Affected component: a Java class loader with a modified defineClass method that saves the bytecode to a file before passing it to the JVM, enabling decompilation of Java class files. The vulnerability is described as a local-attack r...
[SECURITY] Fedora Core 6 Update: mono-1.1.17.1-4.fc6
The Mono runtime implements a JIT engine for the ECMA CLI virtual machine as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries...
McAfee VirusScan: Insecure DT_RPATH
Background: McAfee VirusScan for Linux is a commercial antivirus solution for Linux. Description: Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DT_RPATH which included the current working directory, rather than $ORIGIN which was probably intended. Impact...
GLSA-200612-15 : McAfee VirusScan: Insecure DT_RPATH
The remote host is affected by the vulnerability described in GLSA-200612-15 McAfee VirusScan: Insecure DT_RPATH Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DT_RPATH which included the current working directory, rather than $ORIGIN which was probably...
[SA23286] Newtone ImageKit ActiveX Control Unspecified Buffer Overflow
TITLE: Newtone ImageKit ActiveX Control Unspecified Buffer Overflow SECUNIA ADVISORY ID: SA23286 VERIFY ADVISORY: http://secunia.com/advisories/23286/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Photo Loader 3.x http://secunia.com/product/12847/ ImageKit 6.x...