SuSE 11.2 / 11.3 Security Update : xorg-x11 (SAT Patch Numbers 8723 / 8724)

This update fixes a stack-based buffer overflow in xorg-x11 in the function bdfReadCharacters. CVE-2013-6462 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information...

Artweaver 3.x < 3.1.5 JPG File Handling Stack-based Buffer Overflow

The remote host has a version of Artweaver 3.x prior to version 3.1.5. It is, therefore, affected by an error related to handling JPG image files that could allow stack-based buffer overflows. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72397; scriptversion"1.5";...

CVE-2013-2691

Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to execute arbitrary code via a crafted MPEG2-TS video file, related to the MPEG2 transport stream...

CVE-2013-4978

Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in Aloaha PDF Suite FREE allows remote attackers to execute arbitrary code via a crafted PDF file...

CVE-2012-2108

Stack-based buffer overflow in the main function in util/lpcimain.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file...

CVE-2014-0019

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...

CVE-2014-0019

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...

CVE-2014-0019

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line...

CVE-2013-4738

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges via 1 a crafted VIDIOCMSMVPEDEQUEUESTREAMBUFFINFO ioctl call, related to...

CVE-2013-4738

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges via 1 a crafted VIDIOCMSMVPEDEQUEUESTREAMBUFFINFO ioctl call, related to...

Updated libmicrohttpd package fixes security vulnerabilities

The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read CVE-2013-7038. Stack-based buffer overflow in the MHDdigestauthcheck function in...

GLSA-201401-18 : OpenSC: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201401-18 OpenSC: Arbitrary code execution Multiple stack-based buffer overflow errors have been discovered in OpenSC. Impact : A physically proximate attacker could possibly execute arbitrary code using a specially crafted smart...

GLSA-201401-17 : PCSC-Lite: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201401-17 PCSC-Lite: Arbitrary code execution PCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset Handler atrhandler.c. Impact : A physically proximate attacker could execute...

MGASA-2014-0022 Updated spice packages fix a security vulnerability

Updated spice packages fix security vulnerability: A stack-based buffer overflow flaw was found in the way the redshandleticket function in the spice-server library handled decryption of ticket data provided by the client. A remote user able to initiate a SPICE connection to an application acting...

CVE-2014-0753

Ecava IntegraXor SCADA server (Ecava IntegraXor) is affected by CVE-2014-0753. The stack-based buffer overflow affects versions prior to 4.1.4390 and can be exploited remotely by triggering access to DLL code in the IntegraXor directory, potentially causing a denial of service (system crash). The...

MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()

MuPDF versions 1.3 and below suffer from a stack-based buffer overflow in xpsparsecolor. Proof of concept file included. ============================================================= 0day - MuPDF Stack-based Buffer Overflow in xpsparsecolor...

IBM Forms Viewer Stack Buffer Overflow

The version of IBM Forms Viewer on the remote host is affected by a stack-based buffer overflow in the XDL form fontname tag parser. This can allow an attacker to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72026; scriptversion"1.8";...

FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:01.bsnmpd Security Advisory The FreeBSD Project Topic: bsnmpd remote denial of service vulnerability Category: contrib Module: bsnmp Announced: 2014-01-14...

CVE-2013-7106

CVE-2013-7106 affects Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2, with multiple stack-based buffer overflows in CGI code (display_nav_table, page_limit_selector, print_export_link, page_num_selector in cgi; status_page_num_selector in cgi/status.c; display_command_expansion in ...

CentOS Update for libXfont CESA-2014:0018 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...