Updated kdenetwork4 packages fix security vulnerabilities in krfb

A malicious VNC client can trigger multiple DoS conditions on the VNC server by advertising a large screen size, ClientCutText message length and/or a zero scaling factor parameter CVE-2014-6053, CVE-2014-6054. A malicious VNC client can trigger multiple stack-based buffer overflows by passing a...

Amazon Linux AMI : glibc (ALAS-2014-355)

Multiple stack-based buffer overflows in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 2.6.33, when CONFIGIPVS is used, allow local users to gain privileges by leveraging the CAPNETADMIN capability for 1 a getsockopt system call, related to the doipvsgetctl function, or 2 a setsockopt...

Stack overflow

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

Stack overflow

Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...

Stack overflow

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service application halt via a malformed 1 setting file or 2 disturbance recording file...

CVE-2014-4501

Removed by vendor...

Stack overflow

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the 1 ProjectName, 2 SetParameter, 3 NodeName, 4 CCDParameter, 5 SetColor, 6 AlarmImage, 7 GetParameter, 8 GetColor, 9 ServerResponse, 10 SetBaud, or 11...

CVE-2014-2364 Advantech WebAccess Stack-Based Buffer Overflow

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the 1 ProjectName, 2 SetParameter, 3 NodeName, 4 CCDParameter, 5 SetColor, 6 AlarmImage, 7 GetParameter, 8 GetColor, 9 ServerResponse, 10 SetBaud, or 11...

openSUSE Security Update : plib (openSUSE-SU-2012:1506-1)

This update of plib fixed two stack-based buffer overflows. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-789. The text description of this plugin is C SUSE LLC...

CVE-2011-5280

Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of service crash via a long trickle-up to 1 client/cstrickle.cpp or 2 db/dbbase.cpp...

CVE-2012-0270

CVE-2012-0270 affects Csound prior to 5.16.6, caused by stack-based buffer overflows in getnum() (util/heti_main.c and util/pv_import.c). Exploitation via specially crafted hetro and pvoc files can lead to remote code execution. Remediation: upgrade to Csound 5.16.6 or later; patches referenced i...

CVE-2013-4738

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges via 1 a crafted VIDIOCMSMVPEDEQUEUESTREAMBUFFINFO ioctl call, related to...

CVE-2013-4738

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges via 1 a crafted VIDIOCMSMVPEDEQUEUESTREAMBUFFINFO ioctl call, related to...

CVE-2013-4276

Multiple stack-based buffer overflows in LittleCMS aka lcms or liblcms 1.19 and earlier allow remote attackers to cause a denial of service crash via a crafted 1 ICC color profile to the icctrans utility or 2 TIFF image to the tiffdiff utility...

Amazon Linux AMI : glibc (ALAS-2012-120)

Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation strtod, strtof, and strtold. If an application used such a function on attacker controlled input, it could cause the application to crash o...

Debian DSA-2698-1 : tiff - buffer overflow

Multiple issues were discovered in the TIFF tools, a set of utilities for TIFF image file manipulation and conversion. - CVE-2013-1960 Emmanuel Bouillon discovered a heap-based buffer overflow in the tpprocessjpegstrip function in the tiff2pdf tool. This could potentially lead to a crash or...

CVE-2011-1180

Multiple stack-based buffer overflows in the iriapgetvaluebyclassindication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared...

CVE-2011-1180

Multiple stack-based buffer overflows in the iriapgetvaluebyclassindication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared...

CVE-2013-0728

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value...