19 matches found
MiracleLinux 7 : grub2-2.02-0.87.14.0.5.el7.AXS7 (AXSA:2025-10973:08)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10973:08 advisory. CVE-2014-4607: minilzo: Update to minilzo-2.08 to fix integer overflow CVEs: CVE-2014-4607 Integer overflow in the LZO algorithm variant in Oberhumer liblzo...
CLSA-2025-1758891628 grub2: Fix of CVE-2014-4607
CVE-2014-4607: minilzo: Update to minilzo-2.08 to fix integer overflow...
UBUNTU-CVE-2019-1010057
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...
CVE-2019-1010057
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...
Mandriva Linux Security Advisory : libvncserver (MDVSA-2014:229)
Updated libvncserver packages fix security vulnerabilities : A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote code execution on the VNC...
Fedora 20 : icecream-1.0.1-8.20140822git.fc20 (2014-10468)
This updates icecream to the current version from upstream git repository. It drops the bundled minilzo library, which had a vulnerability. Instead the system lzo library is used. CVE-2014-4607 Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...
Updated dump package fix CVE-2014-4607
Updated dump packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The dump package is buil...
Updated blender package fixes CVE-2014-4607
Updated blender package fixes security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The blender package ...
Updated x11vnc packages fix security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The libvncserver library is built with a bundled copy of minilzo, which is...
Updated kdenetwork4 packages fixes security vulnerability in krfb
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The libvncserver library is built with a bundled copy of minilzo, which is...
Updated harbour package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The harbour is built with a bundled copy of minilzo, which is a part of...
Updated icecream package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The icecream package is built with a bundled copy of minilzo, which is a...
Updated italc package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The italc package is built with a bundled copy of minilzo, which is a part...
Updated grub2 package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The grub2 package is built with a bundled copy of minilzo, which is a part...
MGASA-2014-0355 Updated harbour package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The harbour is built with a bundled copy of minilzo, which is a part of...
Updated mednafen packages fix CVE-2014-4607
The bundled version of minilzo.c in the mednafen package has been updated to version 2.08 to fix the following security vulnerability: An integer overflow in minilzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO...
Fedora 20 : krfb-4.13.3-4.fc20 (2014-9183)
Avoid possible denial of service or code execution via integer overflow by using patched system minilzo instead of vulnerable bundled copy. See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly...
Fedora 19 : krfb-4.11.5-3.fc19 (2014-9151)
Avoid possible denial of service or code execution via integer overflow by using patched system minilzo instead of vulnerable bundled copy. See also: http://www.kde.org/info/security/advisory-20140803-1.txt Note that Tenable Network Security has extracted the preceding description block directly...
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...