273 matches found
USN-3272-2 ghostscript regression
USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ghostscript improperly handled...
UBUNTU-CVE-2017-8394
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of bfdelflargecomsection. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library,...
UBUNTU-CVE-2017-7383
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PDF document...
ALPINE-CVE-2017-5193
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a message without a nick...
CVE-2016-8694
The bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696...
CVE-2016-4724
IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...
openSUSE Security Update : dropbear (openSUSE-2016-393)
This update for dropbear fixes the following issues : - dropbear was updated to upstream version 2016.72 - Validate X11 forwarding input. Could allow bypass of authorizedkeys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. - used as bug fix release for...
SUSE-SU-2016:0621-1 Security update for openssl
This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...
Xen GNTTABOP_swap_grant_ref() Version Check Denial of Service Vulnerability
Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A security vulnerability in Xen GNTTABOPswapgrantref allows local users to exploit the vulnerability by triggering a null pointer reference that crashes the target HOST, due to a...
OpenSSL no-ssl3 option null pointer reference vulnerability
OpenSSL is an open source SSL implementation used to implement strong encryption for network communications. A null pointer reference vulnerability exists in the OpenSSL no-ssl3 option, when OpenSSL is built with the no-ssl3 option, the SSL mode is set to NULL when SSL v3 ClientHello is received,...
UBUNTU-CVE-2014-3569
The ssl23getclienthello function in s23srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unexpected handshake, as demonstrated by...
barracudadrive <= 3.7.2 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: BarracudaDrive Web Server http://barracudaserver.com/products/BarracudaDrive/ http://barracudaserver.com/products/HomeServer/ Versions: = 3.7.2 Platforms: Windows Bugs: A directory traversal B scripts source visualization C arbitrary...
DEBIAN-CVE-2014-3967
The HVMOPinjectmsi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service NULL pointer dereference and crash via unspecified vectors...
Fedora 16 : claws-mail-3.8.1-3.fc16 (2012-16772)
Fixes a NULL pointer crash. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 17 : claws-mail-3.8.1-3.fc17 (2012-16753)
Fixes a NULL pointer crash. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Scientific Linux Security Update : fetchmail on SL3.x, SL4.x, SL5.x i386/x86_64
CVE-2007-4565 Fetchmail NULL pointer dereference CVE-2008-2711 fetchmail: Crash in large log messages in verbose mode CVE-2009-2666 fetchmail: SSL null terminator bypass It was discovered that fetchmail is affected by the previously published 'null prefix attack', caused by incorrect handling of...
(libpurple): Multiple DoS (crash) flaws by processing of unsanitized Base64 decoder values
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purplebase64decode function, which allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a crafted message, related to the plugins for MSN, MySpaceIM,...
PT-2010-1701 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32.6 Description: A race condition in the tty fasync function allows local users to cause a denial of service, potentially resulting in a system crash due to a NULL pointer dereference. The issue is related ...
krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...
NULL pointer crash in freeSSHd 1.20
Luigi Auriemma Application: freeSSHd http://www.freesshd.com Note: is possible that the problem affects also wodSSHServer anyway this has not been tested Versions: = 1.2.0 Platforms: Windows Bug: NULL pointer crash Exploitation: remote Date: 17 Feb 2008 Author: Luigi Auriemma e-mail:...