SuSE 11.1 Security Update : MySQL (SAT Patch Number 5285)
This MySQL version update to 5.0.94 fixes the following security issues : - CVE-2010-3833: CVSS v2 Base Score: 4.0 moderate AV:N/AC:L/Au:S/C:N/I:N/A:P: Resource Management Errors CWE-399 - CVE-2010-3834: CVSS v2 Base Score: 4.0 moderate AV:N/AC:L/Au:S/C:N/I:N/A:P: Insufficient Information...
SuSE9 Security Update : libpng (YOU Patch Number 12815)
This update of libpng fixes : - CVSS v2 Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C: Resource Management Errors CWE-399. CVE-2008-6218 - CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119. CVE-2011-2690 - CVSS v2 Base Score: 5.0 AV:N/AC:M/Au:N/C:N/I:N/A:P: Buffer Errors...
SuSE 10 Security Update : libpng (ZYPP Patch Number 7669)
This update of libpng fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C: Resource Management Errors CWE-399 - CVE-2011-2690: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2011-2692: CVSS v2 Base Score: 5.0 AV:N/AC:M/Au:N/C:N/I:N/A:P:...
SuSE 11.1 Security Update : libpng (SAT Patch Number 4948)
This update of libpng12-0 fixes : - CVE-2008-6218: CVSS v2 Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C: Resource Management Errors CWE-399 - unknown unknown. CVE-2009-5063: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P - CVE-2011-2501: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Desig...
SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4663)
This PHP5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...
openSUSE Security Update : tomcat6 (openSUSE-SU-2011:0146-1)
This tomcat6 update fixes : - CVE-2010-3718: CVSS v2 Base Score: 4.0 AV:N/AC:H/Au:N/C:P/I:P/A:N: Design Error CWE-DesignError - CVE-2011-0013: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: XSS CWE-79 - CVE-2011-0534: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Resource Management...
openSUSE Security Update : finch (finch-2032)
This update of pidgin fixes various security vulnerabilities : - CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal CWE-22 Remote file disclosure vulnerability by using the MSN protocol. - CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource Management Errors CWE-399 MSN protocol plugin in libpurpl...
Mandrake Linux Security Advisory : xli (MDKSA-2005:076)
A number of vulnerabilities have been found in the xli image viewer. Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a flaw in the handling of compressed images where shell meta-characters are not properly escaped (CVE-2005-0638). It was also found that insufficient validation of...
[SECURITY] [DSA 694-1] New xloadimage packages fix several vulnerabilities
Debian Security Advisory DSA 694-1 http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...
Debian DSA-695-1 : xli - buffer overflow, input sanitising, integer overflow
Several vulnerabilities have been discovered in xli, an image viewer for X11. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2001-0775 A buffer overflow in the decoder for FACES format images could be exploited by an attacker to execute arbitrary code...
CVE-2005-0639
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files...
CVE-2005-0639
CVE-2005-0639 (and CVE-2005-0638) affect the xli image viewer prior to 1.17. The vulnerabilities arise from buffer management errors in processing certain image properties and possible integer overflows in PPM files, which may allow a remote attacker to execute arbitrary code. Several advisories ...
CVE-2003-0695
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693...