[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200904-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVE-2009-1328

Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist .m3u file...

CVE-2009-1326

Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist .m3u file...

CVE-2009-1328

CVE-2009-1328 affects Mini-stream RM-MP3 Converter; the stack-based buffer overflow is triggered by a long URI in an M3U playlist, enabling code execution. Public records reference vulnerable versions such as 3.0.0.7 and later 3.1.2.1.2010.03.30, with related exploit material describing ASLR/DEP ...

CVE-2009-1324

Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist .m3u file...

Stack overflow

Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control DanskeSikker.ocx 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function...

cTorrentDTorrent - .torrent Local Buffer Overflow

cTorrentDTorrent - .torrent Local Buffer Overflow !/usr/bin/python Written By Michael Brooks 04/17/2009 Stack Based Buffer Overflow The vulnerability is in the btFiles::BuildFromMI function inside the btfiles.cpp file Exploit tested on cTorrent 1.3.4 using Debian Sarge using Linux kernel...

CVE-2009-1016

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the...

CVE-2009-1016

CVE-2009-1016 concerns a buffer overflow in BEA/Oracle WebLogic Server Plugins related to parsing SSL certificates. The vulnerability affects WebLogic Server Plug-ins across multiple BEA/Oracle versions and can be triggered by a crafted certificate, potentially impacting confidentiality, integrit...

Stack overflow

Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data...

CVE-2009-0235

Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data...

Stack overflow

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response...

Stack overflow

Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to...

CVE-2008-4420

Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to...

CVE-2008-6703

The vulnerability CVE-2008-6703 affects S.T.A.L.K.E.R.: Shadow of Chernobyl (version 1.0006 and earlier). A stack-based buffer overflow occurs in IPureServer::_Recieve when processing a compressed 0x39 packet, which is decompressed by NET_Compressor::Decompress, allowing remote code execution. Th...

Mandriva Update for xine-lib MDVSA-2008:178 (xine-lib)

Check for the Version of xine-lib OpenVAS Vulnerability Test Mandriva Update for xine-lib MDVSA-2008:178 xine-lib Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Mandriva Update for kernel MDKSA-2007:195 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDKSA-2007:195 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for kernel MDKSA-2007:195 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDKSA-2007:195 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for audit MDVSA-2008:083 (audit)

Check for the Version of audit OpenVAS Vulnerability Test Mandriva Update for audit MDVSA-2008:083 audit Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for openoffice.org MDKSA-2007:073 (openoffice.org)

Check for the Version of openoffice.org OpenVAS Vulnerability Test Mandriva Update for openoffice.org MDKSA-2007:073 openoffice.org Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...