Debian DSA-2275-1 : openoffice.org - stack-based buffer overflow

Will Dormann and Jared Allar discovered that the Lotus Word Pro import filter of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office, is not properly handling object ids in the '.lwp' file format. An attacker can exploit this wit...

[SECURITY] [DSA 2275-1] openoffice.org security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2275-1 [email protected] http://www.debian.org/security/ Nico Golde July 7, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

Stack overflow

Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters...

NetBSD 5.1 - 'libc/net' Multiple Stack Buffer Overflows

// source: https://www.securityfocus.com/bid/48528/info NetBSD is prone to a stack-based buffer-overflow vulnerability affecting multiple functions in the 'libc/net' library. Successful exploits may allow an attacker to execute arbitrary code in the context of the application using the affected...

DATAC RealWin SCADA Server On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability

DATAC RealWin SCADA Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability

ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-215 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave...

CVE-2011-1708

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie...

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM

!/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials hard-coded in lcfd.exe 2 Stack-based...

CVE-2011-1959

The snoopread function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service application crash via a large length value in a snoop file that triggers a stack-bas...

CentOS Update for gimp CESA-2011:0837 centos4 i386

Check for the Version of gimp OpenVAS Vulnerability Test CentOS Update for gimp CESA-2011:0837 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

RedHat Update for gimp RHSA-2011:0837-01

Check for the Version of gimp OpenVAS Vulnerability Test RedHat Update for gimp RHSA-2011:0837-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

GE Intelligent Platforms Proficy Historian Data Archiver Buffer Overflow Vulnerability

Overview ICS-CERT originally released Advisory ICSA-11-243-03P on the US-CERT secure Portal on August 31, 2011. This web page release was delayed to allow users time to download and install the update. ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative concerning...

RHEL 4 : gimp (RHSA-2011:0837)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0837 advisory. - Gimp: Integer overflow in the BMP image file plugin CVE-2009-1570 - Gimp: Stack-based buffer overflow in SphereDesigner plug-in...

RHEL 6 : gimp (RHSA-2011:0839)

Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2011-1214

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ...

Integer overflow

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W...

CVE-2011-1213

In IBM Lotus Notes, the Autonomy KeyView component (lzhsr.dll) is vulnerable to a stack-based buffer overflow via a crafted .lzh header, caused by an integer underflow in KeyView’s parsing. A remote attacker could execute arbitrary code on affected systems running Lotus Notes before 8.5.2 FP3. Mi...

CVE-2011-1216

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7...

Mandriva Update for wireshark MDVSA-2011:083 (wireshark)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for libmodplug MDVSA-2011:085 (libmodplug)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...