227 matches found
Apple QuickTime MOV File String Handling Integer Overflow (CVE-2005-2753)
Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous video formats. QuickTime is capable of processing the Apple QuickTime movie file format, which is a proprietary format created by Appl...
[SECURITY] Fedora 11 Update: qt-4.5.3-9.fc11
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
KLA10164 DoS vulnerability in Foxit Reader
Improper string handling was found in Foxit Reader. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PDF file. Original advisories - Related products Foxit-Reader...
CVE-2009-0912
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors...
RedHat Update for ruby RHSA-2008:0561-01
Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0561-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for ruby CESA-2008:0562-01 centos2 i386
Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2008:0562-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Fedora Update for qt4 FEDORA-2008-3379
Check for the Version of qt4 OpenVAS Vulnerability Test Fedora Update for qt4 FEDORA-2008-3379 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...
DeleGate Multiple Buffer Overflow Vulnerabilities
Overview DeleGate suffers buffer overflow when scanf, strncpy and other string handling process are set to fail with a long string sent by proxy. Impact An attacker could execute arbitrary code with the privileges of the user running DeleGate. Solution Please refer to the 'Vendor Information'...
Debian Security Advisory DSA 324-1 (ethereal)
The remote host is missing an update to ethereal announced via advisory DSA 324-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 5.04 / 5.10 / 6.06 LTS / 6.10 : screen vulnerability (USN-370-1)
cstone and Rich Felker discovered a programming error in the UTF8 string handling code of 'screen' leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code. Note that Tenable Network Security has extracted the...
GLSA-200702-10 : UFO2000: Multiple vulnerabilities
"The remote host is affected by the vulnerability described in GLSA-200702-10 UFO2000: Multiple vulnerabilities Five vulnerabilities were found: a buffer overflow in recvaddunit %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
VLC Media Player畸形“udp://”URI格式串处理漏洞
VLC Media Player是一款免费的媒体释放器。 VLC Media Player在处理畸形的URI串时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 VLC Media Player在处理“udp://”开头的URI串时存在格式串处理漏洞,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页或打开恶意M3U文件控制用户机器。 VideoLAN VLC Media Player 0.x 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 不要打开来源不可信任的M3U文件。 厂商补丁: VideoLAN --------...
CVE-2005-0255
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...
CVE-2005-0255
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...
Critical: Red Hat Security Advisory: thunderbird security update
Updated thunderbird packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processe...
security flaw
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...
CVE-2005-0255
CVE-2005-0255 affects Mozilla Suite 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2. The flaw is in string handling (nsTSubstring_CharT::Replace) where return values of functions that resize strings are not properly checked, which can lead to a reallocation failure and a pointer to a fixed addre...
CVE-2004-1527
Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers ...