iDEFENSE Security Advisory 06.29.05: Clam AntiVirus ClamAV Cabinet File Handling DoS Vulnerability

Clam AntiVirus ClamAV Cabinet File Handling DoS Vulnerability iDEFENSE Security Advisory 06.29.05 www.idefense.com/application/poi/display?id=275&type=vulnerabilities June 29, 2005 I. BACKGROUND Clam AntiVirus is a GPL anti-virus toolkit for Unix. II. DESCRIPTION Remote exploitation of an input...

FreeBSD-SA-05:13.ipfw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:13.ipfw Security Advisory The FreeBSD Project Topic: ipfw packet matching errors with address tables Category: core Module: netinet Announced: 2005-06-29...

information disclosure when using HTT

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:09.htt Security Advisory The FreeBSD Project Topic: information disclosure when using HTT Category: core Module: sys Announced: 2005-05-13 Revised: 2005-05-13...

CVE-2005-0554

Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."...

security flaw

Integer overflow in the exifprocessIFDTAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count...

openoffice.org security update

CentOS Errata and Security Advisory CESA-2005:375 Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a wo...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager,...

CVE-2005-0554

CVE-2005-0554 describes a buffer overflow in Internet Explorer’s URL processing logic when handling long hostnames, affecting IE 5.01, 5.5, and 6.0. Public sources (NVD/NIST, CVE listings, and security advisories) identify this as a URL Parsing Memory Corruption Vulnerability that could allow rem...

CVE-2005-0554

Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."...

CVE-2005-1060

Technical details about CVE-2005-1060 are not publicly available in the provided documents. Monitor for updates.

Critical: Red Hat Security Advisory: RealPlayer security update

An updated RealPlayer package that fixes two buffer overflow issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. RealPlayer is a media player. A stack based buffer overflow bug was found in RealPlayer's Synchronized...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document. Remediation There is no fixed version for xerces-c. References ...

CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

DEBIAN-CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

CVE-2004-0753

The vulnerability CVE-2004-0753 affects the BMP image processing path in gdk-pixbuf (before 0.22) and GTK+ gtk2 (before 2.2.4), where a crafted BMP file can trigger an infinite loop and cause a remote denial of service. Public records from multiple advisories corroborate affected packages and pro...

CVE-2004-0753

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

Important: Red Hat Security Advisory: gdk-pixbuf security update

Updated gdk-pixbuf packages that fix several security flaws are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. Updated 15th September 2004 Packages have been updated to correct a bug which caused the xpm loader to fail. During...