SuSE9 Security Update : freetype2 (YOU Patch Number 12630)

This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges : - stack-based buffer overflow while processing CFF opcodes. CVE-2010-1797 - integer underflow. CVE-2010-2497 - invalid free. CVE-2010-2498 - buffer...

CVE-2010-1527

Summary (CVE-2010-1527): A stack-based buffer overflow in Novell iPrint Client (ienipp.ocx) allows remote code execution via an overly long call-back-url parameter in the op-client-interface-version action. Affected product: Novell iPrint Client ActiveX/Browser Plugin; vulnerable component/file: ...

Debian Security Advisory DSA 2078-1 (mapserver)

The remote host is missing an update to mapserver announced via advisory DSA 2078-1. OpenVAS Vulnerability Test $Id: deb20781.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2078-1 mapserver Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

CVE-2010-3064

CVE-2010-3064: Stack-based buffer overflow in php_mysqlnd_auth_write (Mysqlnd extension) affects PHP 5.3–5.3.2. Context-dependent attackers could crash the process or possibly execute arbitrary code via a long username or database name passed to mysql_connect or mysqli_connect. Remediation: upgra...

CVE-2010-0133

Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records."...

Stack overflow

Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records."...

CVE-2010-0133

Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records."...

CVE-2010-1797

Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...

Stack overflow

Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file...

CVE-2010-1797

Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...

[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2078-1 [email protected] http://www.debian.org/security/ Nico Golde July 31nd, 2010 http://www.debian.org/security/faq -...

CVE-2010-1797

Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...

Microsoft Office Word sprmCMajority Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records...

SigPlus Pro ActiveX Control 'LCDWriteString()' Buffer Overflow Vulnerability

This host is installed with SigPlus Pro ActiveX Control and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsigplusproactivexcontrolbofvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ SigPlus Pro ActiveX Control 'LCDWriteString' Buffer Overflow Vulnerability Authors: Soor...

CVE-2010-2974

Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server WAS before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment IDE and the InFusion...

CVE-2010-2974

The CVE-2010-2974 issue is a stack-based buffer overflow in the IConfigurationAccess interface of the Wonderware ArchestrA ConfigurationAccessComponent ActiveX control used by Wonderware Application Server (WAS) and related IDE/IEE. Affected software runs prior to 3.1 SP2 P01. An attacker can sup...

CVE-2010-2709

Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie...

CVE-2010-2709

Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie...

Novell iPrint Client Browser Plugin operation Parameter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client Browser Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Debian DSA-2079-1 : mapserver - several vulnerabilities

Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2539 A stack-based buffer overflow in the msTmpFile...