Fedora 9 : newsx-1.6-9.fc9 (2008-6321)

Sat Jul 12 2008 Dominik Mierzejewski 1.6-9 - fixed stack-based buffer overflow in getarticle.c 454483 - restored the use of history Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

CVE-2008-3182

Stack-based buffer overflow in DAP.exe in Download Accelerator Plus DAP 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U .m3u file containing a long MP3 URL...

CVE-2008-3182

Affected software: Download Accelerator Plus (DAP) by SpeedBit, specifically 7.x/8.x series (example: 7.0.1.3, 8.6.6.3). Vulnerability: Stack-based buffer overflow in DAP.exe that can be triggered by parsing an M3U file containing a long MP3 URL. Impact: remote code execution on the affected host...

Integer overflow

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."...

CVE-2008-3159

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."...

CVE-2008-3159

This CVE affects Novell eDirectory: integer overflow in ds.dlm/dhost.exe (port 524) causing a stack-based buffer overflow that enables remote code execution. Affected versions are eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2. The flaw is linked to flawed arithmetic and can be ...

CVE-2008-3159

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."...

CVE-2008-3155

Stack-based buffer overflow in the ActiveX control as2guiie.dll in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service crash or execute arbitrary code via a long argument to the Update method...

CVE-2008-3148

Stack-based buffer overflow in 1 OllyDBG 1.10 and 2 ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string...

CVE-2008-3024

Stack-based buffer overflow in phgrafx in QNX Momentics aka RTOS 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/...

CVE-2008-3024

CVE-2008-3024 describes a stack-based buffer overflow in the phgrafx component of QNX Momentics (RTOS) 6.3.2 and earlier. The overflow is triggered by a long *.pal filename in the palette/ path, allowing local users to gain privileges. The vulnerability is local and does not indicate network acce...

openSUSE 10 Security Update : mtr (mtr-5289)

This update fixes a stack based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code CVE-2008-2357. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

SuSE 10 Security Update : mtr (ZYPP Patch Number 5291)

This update fixes a stack-based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code. CVE-2008-2357 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

CVE-2008-2908

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the 1 operation, 2 printer-url, or 3 target-frame parameter. NOTE: some of these details are obtain...

Stack overflow

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the 1 operation, 2 printer-url, or 3 target-frame parameter. NOTE: some of these details are obtain...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5345)

This version upgrade php5 to 5.2.6 fixes several security vulnerabilities. - Fixed possible stack-based buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. - Fixed integer overflow in printf identified by Maksymilian Aciemowicz. - Fixed security issue detailed in CVE-2008-0599...

CVE-2008-2828

CVE-2008-2828 describes a stack-based buffer overflow in tmsnc’s UBX payload handling. A crafted MSN UBX packet with a large payload length can trigger a overflow in core_net.c, potentially allowing remote code execution or crash (DoS). The vulnerability is triggered when UBX payload length excee...

Alt-N Technologies SecurityGateway Username Buffer Overflow (CVE-2008-4193)

The Alt-N Technologies SecurityGateway offers email security with a spam filter that serves as an Exchange or SMTP firewall. A stack-based buffer overflow vulnerability was reported in Alt-N Technologies SecurityGateway. The vulnerability is due to a boundary error in the SecurityGateway that fai...

CVE-2008-2745

Stack-based buffer overflow in BiAnno ActiveX Control BiAnno.ocx in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method...

CVE-2008-2639

Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222...