FreeBSD : cups-filters -- texttopdf integer overflow (bf1d9331-21b6-11e5-86ff-14dae9d210b8)

Stefan Cornelius from Red Hat reports : An integer overflow flaw leading to a heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to...

cups-filters -- texttopdf integer overflow

Stefan Cornelius from Red Hat reports: An integer overflow flaw leading to a heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to...

Memory corruption

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

CVE-2015-0806

CVE-2015-0806 affects Mozilla Firefox prior to 37.0, where the OMTC path may call memset on a negative-length memory region during interaction with mozilla::layers::BufferTextureClient::AllocateForSurface. This can enable a remote attacker to execute arbitrary code or cause a memory corruption-ba...

UBUNTU-CVE-2015-0805

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service...

DLA-23-1 nss - security update

Bulletin has no description...

openSUSE Security Update : samba (openSUSE-SU-2013:1921-1)

" - Update to 4.1.3. + DCE-RPC fragment length field is incorrectly checked; CVE-2013-4408; bnc844720. + pamwinbind login without requiremembershipof restrictions; CVE-2012-6150; bnc853347. - Make use of the full gpg pub key file name including the key ID. - Add transparent file compression...

Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20131008)

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions pvalloc, valloc, and memalign. If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

GNU glibc - strcoll() Routine Integer Overflow

GNU glibc - strcoll Routine Integer Overflow // source: https://www.securityfocus.com/bid/55462/info GNU glibc is prone to a remote integer-overflow vulnerability which leads to buffer overflow vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of a...

CVE-2011-3489

RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service crash via a crafted rna packet with a long string to TCP port 4446 that triggers 1 "a memset zero overflow" or 2 an out-of-bounds read, related to improper handling of ...

CVE-2011-3489

RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service crash via a crafted rna packet with a long string to TCP port 4446 that triggers 1 "a memset zero overflow" or 2 an out-of-bounds read, related to improper handling of ...

Google Chrome < 13.0.782.215 Multiple Vulnerabilities (Sep 2011) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2011-2839

CVE-2011-2839 affects Google Chrome’s Linux PDF handling: the PDF implementation does not properly use memset, enabling remote DoS and possibly other impact via unknown vectors. A fix is available in Chrome 13.0.782.215 and later.

CVE-2011-2839

Removed by vendor...

Stable Channel Update

The Chrome Stable channel has been updated to 13.0.782.215 for all platforms. This release contains the following security fixes. Security fixes and rewards: Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are ...

Linux Kernel 2.6.36-rc1 (Ubuntu 10.04 2.6.32) - CAN BCM Local Privilege Escalation

Linux Kernel 2.6.36-rc1 Ubuntu 10.04 2.6.32 - CAN BCM Local Privilege Escalation / i-CAN-haz-MODHARDEN.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area Network CAN...

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...

OpenOffice畸形Word文件整数溢出漏洞

OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice在处理某些畸形Word文档时存在整数溢出，远程攻击者可能利用此漏洞在用户机器上执行任意指令。 memset会试图向堆中写入大量的0： Breakpoint 2, WW8PLCF::GeneratePLCF this=0xb12a36e8, pSt=0xabae6cc8, nPN=0, ncpN=587202560 at /usr/src/debug/OOD680m5/sw/source/filter/ww8/ww8scan.cxx:2299 2299 nIMax = ncpN;...

security flaw

The iptrecent kernel module iptrecent.c in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service kernel panic via certain attacks such as SSH brute force, which leads to memset calls using a length based on the uint32t...