12 matches found
GLSA-200611-17 : fvwm: fvwm-menu-directory fvwm command injection
The remote host is affected by the vulnerability described in GLSA-200611-17 (fvwm: fvwm-menu-directory fvwm command injection). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that fvwm-menu-directory does not sufficiently sanitise directory names prior to generating menus. Impact ...
GLSA-200603-08 : GnuPG: Incorrect signature verification
The remote host is affected by the vulnerability described in GLSA-200603-08 (GnuPG: Incorrect signature verification). OpenPGP is the standard that defines the format of digital signatures supported by GnuPG. OpenPGP signatures consist of multiple sections, in a strictly defined order. Tavis Ormand...
sandbox: Insecure temporary file handling
Background: sandbox is a Gentoo Linux utility used by the Portage package management system. Description: The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Impact: Local users may be ab...
zlib: Buffer overflow
Background: zlib is a widely used free and patent unencumbered data compression library. Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
GLSA-200507-05 : zlib: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200507-05 (zlib: Buffer overflow). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability
The remote host is affected by the vulnerability described in GLSA-200505-16 (ImageMagick, GraphicsMagick: Denial of Service vulnerability). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a Denial of Service vulnerability in the XWD decoder of ImageMagick and GraphicsMagick when...
gdb: Multiple vulnerabilities
Background: gdb is the GNU project's debugger, facilitating the analysis and debugging of applications. The BFD library provides a uniform method of accessing a variety of object file formats. Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the B...
GLSA-200505-07 : libTIFF: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200505-07 (libTIFF: Buffer overflow). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Impact :...
libTIFF: Buffer overflow
Background: libTIFF provides support for reading and manipulating TIFF (Tag Image File Format) images. Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Impac...
GLSA-200504-14 : monkeyd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-14 (monkeyd: Multiple vulnerabilities). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...
[SECURITY] [DSA 694-1] New xloadimage packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 694-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...
Debian DSA-694-1 : xloadimage - missing input sanitising, integer overflow
Several vulnerabilities have been discovered in xloadimage, an image viewer for X11. The Common Vulnerabilities and Exposures project identifies the following problems: - CAN-2005-0638: Tavis Ormandy of the Gentoo Linux Security Audit Team has reported a flaw in the handling of compressed images,...