5149 matches found
Debian: Security Advisory (DSA-2868-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity...
MGASA-2014-0092 Updated file package fixes security vulnerability
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. Additionally, other well-crafted files might result in long...
Updated file package fixes security vulnerability
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. Additionally, other well-crafted files might result in long...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
DEBIAN-CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
CVE-2014-1943 affects the file(1) utility and its libmagic component. A crafted indirect offset value in the file(1) magic can cause context-dependent attackers to trigger infinite recursion, CPU exhaustion, and a crash, i.e., denial of service. The vulnerability is described as applicable to fil...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
[SECURITY] [DSA 2861-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2861-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 16, 2014 http://www.debian.org/security/faq -...
DSA-2861-1 file - denial of service
Bulletin has no description...
file -- denial of service
The Fine Free file project reports: file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2013-7298
queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...
UBUNTU-CVE-2013-7298
queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...
Double free
queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...
CVE-2013-7298
queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...
CVE-2013-7298
queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stack data during execve via copy of data from dangling pointer to stack...
Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data Disclosure
Linux Kernel Ubuntu 11.1012.04 - binfmtscript Stack Data Disclosure Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stac...
DEBIAN-CVE-2013-4402
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...