1168 matches found
OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 : krb5 vulnerabilities (USN-940-1)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Only Ubuntu 6.06 LTS was affected. CVE-2007-5902,...
CVE-2010-0105
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir a...
Heap overflow
Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a fil...
Ubuntu 8.04 LTS : pan vulnerability (USN-845-1)
Pavel Polischouk discovered that Pan incorrectly handled certain data structures. If a user were tricked into viewing malicious nntp data, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable...
USN-845-1: Pan vulnerability
Pavel Polischouk discovered that Pan incorrectly handled certain data structures. If a user were tricked into viewing malicious nntp data, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...
SuSE 11 Security Update : OpenSSL (SAT Patch Number 772)
This update of openssl fixes the following problems: - ASN1_STRING_print_ex function allows remote denial of service. (CVE-2009-0590) - CMS_verify function allows signatures to look valid. (CVE-2009-0591) - denial of service due to malformed ASN.1 structures. (CVE-2009-0789)...
CVE-2009-3002
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) ...
Fedora 10 : xerces-c-2.8.0-5.fc10 (2009-8350)
This update fixes : - Bug 515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Fedora 11 : xerces-c27-2.7.0-8.fc11 (2009-8332)
This update fixes : - Bug 515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Fedora 11 : xerces-c-2.8.0-5.fc11 (2009-8345)
This update fixes : - Bug 515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Fedora 10 : xerces-c27-2.7.0-8.fc10 (2009-8305)
This update fixes : - Bug 515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
CVE-2009-1924
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."...
apr security update
CentOS Errata and Security Advisory CESA-2009:1204 Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache Portable...
CVE-2009-1885
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...
[SECURITY] Fedora 11 Update: apr-util-1.3.9-1.fc11
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR, including support for XML, LDAP, database interfaces, URI parsing and more...
[SECURITY] Fedora 11 Update: apr-1.3.8-1.fc11
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2...
[SECURITY] Fedora 10 Update: apr-util-1.3.9-1.fc10
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR, including support for XML, LDAP, database interfaces, URI parsing and more...
[SECURITY] Fedora 10 Update: apr-util-1.3.7-1.fc10
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR, including support for XML, LDAP, database interfaces, URI parsing and more...