6687 matches found
xpdf: array indexing error in FoFiType1::parse()
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code v...
kdegraphics security update
3.3.1-18.1 - Resolves: 639833 CVE-2010-3702, uninitialized Gfx::parser pointer dereference CVE-2010-3704, array indexing error in FoFiType1::parse...
Samba: Stack-based buffer overflow by processing specially-crafted SID records
Stack-based buffer overflow in the 1 sidparse and 2 domsidparse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Windows Security ID SID on a file share...
DEBIAN-CVE-2010-2444
parse/Csv2parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." dot character, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted csv2 zone file...
Null pointer dereference
parse/Csv2parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." dot character, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted csv2 zone file...
cuteeditor using the method of two-vulnerability and early warning-the black bar safety net
Author: m@w01f 1. Direct Download load. ashx configuration file http://www.7747.net/CuteSoftClie ... ../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name="ynncConnectionString" connectionString="Server=....
openSUSE Security Update : expat (expat-1781)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update expat-1781. The text description of this plugin is...
openSUSE Security Update : expat (expat-1781)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update expat-1781. The text description of this plugin is...
SuSE 10 Security Update : expat (ZYPP Patch Number 6764)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid44038;...
SuSE9 Security Update : expat (YOU Patch Number 12568)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SuSE 11 Security Update : expat (SAT Patch Number 1765)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...
openSUSE Security Update : libpoppler-devel (libpoppler-devel-1740)
This update of libpoppler3 fixes various security issues. CVE-2009-0791: Fix multiple integer overflows in 'pdftops' filter that could be used by attackers to execute code. CVE-2009-3607: Integer overflow in the createsurfacefromthumbnaildata function in glib/poppler-page.cc in Poppler 0.x allows...
SuSE 10 Security Update : poppler (ZYPP Patch Number 6751)
This update of poppler fixes two security issues : - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via ...
Design/Logic Flaw
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
CVE-2009-4035
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
CVE-2009-4035
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
CVE-2009-4035
Summary (CVE-2009-4035): The flaw exists in FoFiType1::parse in FoFiType1.cc used by Xpdf 3.0.0, gpdf 2.8.2, and kdegraphics 3.3.1 (and possibly other libraries). The code fails to validate the return value of getNextLine, enabling a signed-to-unsigned conversion error when processing a crafted T...
RHEL 4 : xpdf (RHSA-2009:1680)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:1680 advisory. Xpdf is an X Window System based viewer for Portable Document Format PDF files. Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflo...
xpdf: buffer overflow in FoFiType1::parse
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
xpdf: buffer overflow in FoFiType1::parse
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...