SuSE 10 Security Update : imlib2-loaders (ZYPP Patch Number 2245)

Various security problems have been fixed in the imlib2 image loaders : - A stack-based buffer overflow in loaderpnm.c could be used by attackers to execute code by supplying a handcrafted PNM image. CVE-2006-4809 - A heap buffer overflow in loadertga.c could potentially be used by attackers to...

SuSE 10 Security Update : krb5 (ZYPP Patch Number 3821)

This update fixes a stack-based buffer overflow in kadmind which can be exploited by authenticated remote users to gain root. CVE-2007-2798 Additionally two bugs in the RPC library of kadmind were fixed that can lead to remote system compromise. CVE-2007-2442 / CVE-2007-2443 Note that third-party...

SuSE 10 Security Update : unrar (ZYPP Patch Number 2997)

This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

CVE-2007-5007

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

CVE-2007-3901

Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange SAMI parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file...

CVE-2007-3039

Stack-based buffer overflow in the Microsoft Message Queuing MSMQ service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable...

GLSA-200712-10 : Samba: Execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200712-10 Samba: Execution of arbitrary code Alin Rad Pop Secunia Research discovered a boundary checking error in the sendmailslot function which could lead to a stack-based buffer overflow. Impact : A remote attacker could send ...

Stack overflow

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service application crash and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval...

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol RTSP servers to execute arbitrary code via an RTSP response with a long Content-Type header...

Stack overflow

Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the 1 Text, 2 EditSelText, 3 EditText, and 4 CellFontName property...

Stack overflow

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 aka Microsoft Jet Engine, as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count...

CVE-2007-6026

CVE-2007-6026 covers a stack-based buffer overflow in the Microsoft Jet Database Engine (msjet40.dll, 4.0.8618.0) used by Access 2003 in Office 2003 SP3. The vulnerability arises when parsing MDB files with a crafted column structure, allowing a user-assisted attacker to execute arbitrary code. T...

GLSA-200711-27 : Link Grammar: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200711-27 Link Grammar: User-assisted execution of arbitrary code Alin Rad Pop from Secunia Research discovered a boundary error in the function separatesentence in file tokenize.c when processing an overly long word which might...

Samba < 3.0.27 Multiple Vulnerabilities

According to its banner, the version of the Samba server on the remote host contains a boundary error in the 'replynetbiospacket' function in 'nmbd/nmbdpackets.c' when sending NetBIOS replies. Provided the server is configured to run as a WINS server, a remote attacker can exploit this issue by...

Stack overflow

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table...

CVE-2007-4267

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table...

CVE-2007-4267

Apple Mac OS X 10.4–10.4.10 (and Mac OS X Server 10.4–10.4.10) contain a stack-based kernel overflow in the AppleTalk networking path. The vulnerability arises when an IOCTL adds an AppleTalk zone to a routing table, allowing a local attacker to cause arbitrary code execution with kernel privileg...

Samba < 3.0.27 Multiple Vulnerabilities

Binary data 4285.prm...

CVE-2007-5755

Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods...

CVE-2007-5935

CVE-2007-5935 is a stack-based buffer overflow in dvips (teTeX/dvips) that affects teTeX/TeXlive 2007 and earlier. The overflow occurs in hpc.c when processing DVI files containing long href tags, allowing a user-assisted attacker to potentially execute arbitrary code. Connected advisories (RHSA-...