120 matches found
Debian Security Advisory DSA 1635-1 (freetype)
The remote host is missing an update to freetype announced via advisory DSA 1635-1. OpenVAS Vulnerability Test $Id: deb16351.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1635-1 freetype Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2008-3964
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a PNG image with crafted zTXt chunks, related to 1 the pngpushreadzTXt function in pngread.c, and possibl...
Debian DSA-1635-1 : freetype - multiple vulnerabilities
Several local vulnerabilities have been discovered in freetype, a FreeType 2 font engine, which could allow the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1806 An integer overflow allows context-dependent attackers ...
CVE-2008-3964
CVE-2008-3964 affects libpng, where multiple off-by-one errors in png_push_read_zTXt (in pngread.c) can crash or cause other impact when processing crafted PNGs. Affected are libpng before 1.2.32beta01 and 1.4 before 1.4.0beta34. Consequence is a denial of service (crash) and unspecified other im...
CVE-2008-3964
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a PNG image with crafted zTXt chunks, related to 1 the pngpushreadzTXt function in pngread.c, and possibl...
Heap overflow
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via 1 a crafted table in a Printer Font Binary PFB file or 2 a crafted SHC instruction in a TrueType Font TTF file, which triggers a heap-based buffer overflow...
CVE-2008-1808
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via 1 a crafted table in a Printer Font Binary PFB file or 2 a crafted SHC instruction in a TrueType Font TTF file, which triggers a heap-based buffer overflow...
CVE-2008-1808
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via 1 a crafted table in a Printer Font Binary PFB file or 2 a crafted SHC instruction in a TrueType Font TTF file, which triggers a heap-based buffer overflow...
CVE-2008-1808
CVE-2008-1808 : Multiple off-by-one errors in FreeType2 up to version 2.3.5 (pre-2.3.6) can be triggered by a crafted table in a Printer Font Binary (PFB) file or a crafted SHC instruction in a TrueType Font (TTF) file, leading to a heap-based buffer overflow and potential arbitrary code executio...
CVE-2008-1808
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via 1 a crafted table in a Printer Font Binary PFB file or 2 a crafted SHC instruction in a TrueType Font TTF file, which triggers a heap-based buffer overflow...
CVE-2008-2388
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...
Code injection
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."...
CVE-2008-2388
CVE-2008-2388 affects opensuse-updater in openSUSE 10.2. The vulnerability is described as multiple off-by-one errors in the updater component, with the impact and attack vectors stated as unspecified. The vendor notes these “can be considered no security problem,” and no concrete exploitation de...
Debian Security Advisory DSA 1089-1 (freeradius)
The remote host is missing an update to freeradius announced via advisory DSA 1089-1. Several problems have been discovered in freeradius, a high-performance and highly configurable RADIUS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4744 Su...
CVE-2007-4091
CVE-2007-4091 concerns rsync 2.6.9 where multiple off-by-one errors in sender.c (in the f_name handling) could allow remote attackers to execute arbitrary code. The description is consistently stated across multiple sources tied to rsync, highlighting the vulnerable component as sender.c and the ...
CVE-2007-4091
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function...
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the 1 name and 2 dname entry attributes...
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the 1 name and 2 dname entry attributes...
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the 1 name and 2 dname entry attributes...
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the 1 name and 2 dname entry attributes...