SUSE SLES11 Security Update : Xen (SUSE-SU-2014:0446-1)

The SUSE Linux Enterprise Server 11 Service Pack 1 LTSS Xen hypervisor and toolset have been updated to fix various security issues and some bugs. The following security issues have been addressed : XSA-84: CVE-2014-1894: Xen 3.2 and presumably earlier exhibit both problems with the overflow issu...

Microsoft Visual Basic VBE6.DLL Stack Memory Corruption (MS10-031) - Ver2 (CVE-2010-0815)

Microsoft Visual Basic VBA is a technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft Office products include VBA and make use of VBA to perform certain functions. A remote code execution vulnerability has been reported in th...

Mandriva Linux Security Advisory : fcgi (MDVSA-2015:226)

Updated fcgi packages fix security vulnerability : FCGI does not perform range checks for file descriptors before use of the FDSET macro. This FDSET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial ...

Updated fcgi packages fix CVE-2012-6687

Updated fcgi packages fix security vulnerability: FCGI does not perform range checks for file descriptors before use of the FDSET macro. This FDSET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial o...

Mandriva Linux Security Advisory : jasper (MDVSA-2015:159)

Updated jasper packages fix security vulnerabilities : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service application crash or the execution of arbitrary code CVE-2014-9029. A double free flaw was found in the way...

Debian DLA-138-1 : jasper security update

An off-by-one flaw, leading to a heap-based buffer overflow CVE-2014-8157, and an unrestricted stack memory use flaw CVE-2014-8158 were found in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute...

jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)

An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

Memory corruption

The dissectatncpdlcheur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service stack memory corruption and application...

CVE-2015-2187

CVE-2015-2187 affects Wireshark 1.12.x before 1.12.4. The vulnerability lies in the ATN-CPDLC dissector (function dissect_atn_cpdlc_heur in asn1/atn-cpdlc/packet-atn-cpdlc-template.c), which does not properly follow TRY/ENDTRY code requirements, allowing remote attackers to trigger stack memory c...

CVE-2015-2187

The dissectatncpdlcheur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service stack memory corruption and application...

CVE-2015-2187

The dissectatncpdlcheur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service stack memory corruption and application...

Amazon Linux AMI : jasper (ALAS-2015-479)

An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-8157 An unrestricted stack memory use flaw was found in...

Important: jasper

Issue Overview: An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-8157 An unrestricted stack memory use fl...

Mandriva Linux Security Advisory : jasper (MDVSA-2015:034)

Updated jasper packages fix security vulnerabilities : An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

DLA-138-1 jasper - security update

Bulletin has no description...

Debian DSA-3138-1 : jasper - security update

An off-by-one flaw, leading to a heap-based buffer overflow CVE-2014-8157 , and an unrestricted stack memory use flaw CVE-2014-8158 were found in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute...

CentOS 6 / 7 : jasper (CESA-2015:0074)

Updated jasper packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

[SECURITY] [DSA 3138-1] jasper security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3138-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 25, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3138-1] jasper security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3138-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 25, 2015 http://www.debian.org/security/faq -...

DSA-3138-1 jasper - security update

Bulletin has no description...