
80 matches found

RedHat Linux
added 2019/03/08 9:21 p.m., 4 views

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf and jio_vsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. These functions were not directly callable by non-native user code...

CVSS 9.8 | AI score 7.4 | EPSS 0.02744
Exploits 1 | References 4

CNVD
added 2016/06/03 12:0 a.m., 4 views

libgd memory leak vulnerability

libgd (also known as GD Graphics Library or libgd2) is an open source library for dynamic image creation, developed by American software developer Thomas Boutell, which supports the creation of charts, graphs, thumbnails and so on. A memory leak vulnerability exists in the 'gdCtxPrintf' function ...

CVSS 9.1 | AI score 9 | EPSS 0.03706
Exploits 0 | References 1

Mageia
added 2016/06/02 9:40 p.m., 56 views

Updated libgd packages fix security vulnerabilities

Updated libgd packages fix security vulnerabilities: The gdImageScaleTwoPass function in gd_interpolation.c in libgd before 2.2.0 uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a...

CVSS 9.1 | AI score 7.3 | EPSS 0.03706
Exploits 1 | References 3

Mageia
added 2015/11/19 10:8 p.m., 39 views

Updated latex2rtf packages fix security vulnerability

A format string vulnerability was found in the CmdKeywords function when processing the \keywords command in a tex file. When the user runs latex2rtf with a maliciously crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...

CVSS 9.3 | AI score 7.8 | EPSS 0.03556
Exploits 0 | References 3

Prion
added 2012/06/19 8:55 p.m., 8 views

Buffer overflow

Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf/vsnprintf" in which the return values may be larger than the size of the buffer...

CVSS 7.5 | AI score 8.2 | EPSS 0.04574
Exploits 0 | References 8 | Affected Software 1

Tenable Nessus
added 2012/01/24 12:0 a.m., 18 views

FreeBSD : spamdyke -- Buffer Overflow Vulnerabilities (7d2336c2-4607-11e1-9f47-00e0815b8da8)

Secunia reports: Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

CVSS 7.5 | AI score 5.7 | EPSS 0.04574
Exploits 0 | References 3

FreeBSD
added 2012/01/15 12:0 a.m., 27 views

spamdyke -- Buffer Overflow Vulnerabilities

Secunia reports: Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

CVSS 7.5 | AI score 6.5 | EPSS 0.04574
Exploits 0 | References 2

seebug.org
added 2008/08/06 12:0 a.m., 41 views

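Multiple integer overflow vulnerabilities in Python

BUGTRAQ ID: 30491 CVE(CAN) ID: CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144 Python is an open source scripting language. Multiple integer overflow vulnerabilities exist in Python that may allow malicious users to cause a denial of service or compromise a vulnerable system. 1) Various integer overflows exist in core modules such as stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule and mmapmodule. 2)...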

CVSS 7.5 | AI score 0.3 | EPSS 0.04493
Exploits 6

Prion
added 2008/06/16 9:41 p.m., 18 views

Format string

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...

CVSS 4.3 | AI score 6.4 | EPSS 0.03003
Exploits 1 | References 25 | Affected Software 1

NVD
added 2008/06/16 9:41 p.m., 13 views

CVE-2008-2711

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...

CVSS 4.3 | AI score 7.2 | EPSS 0.03003
Exploits 1 | References 25

Debian CVE
added 2008/06/16 9:0 p.m., 25 views

CVE-2008-2711

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...

CVSS 4.3 | AI score 7 | EPSS 0.03003
Exploits 1

CVE
added 2008/06/16 9:0 p.m., 77 views

CVE-2008-2711

CVE-2008-2711 affects fetchmail versions 6.3.8 and earlier. In verbose log mode, a malformed mail message with long headers can trigger an erroneous dereference during log formatting (vsnprintf), causing a remote denial of service via a crash and resulting persistent mail failure. Connected advis...

CVSS 4.3 | AI score 7.2 | EPSS 0.03003
Exploits 1 | References 25 | Affected Software 1

Cvelist
added 2008/06/16 9:0 p.m., 22 views

CVE-2008-2711

fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...

AI score 7.2 | EPSS 0.03003
Exploits 1 | References 25

seebug.org
added 2007/11/02 12:0 a.m., 20 views

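Perdition IMAP proxy str_vwrite function remote format string handling vulnerability

BUGTRAQ ID: 26270 Perdition is a POP3 and IMAP4 proxy server. A format string vulnerability exists in an IMAP output string formatting function of Perdition IMAPD, which a remote attacker may exploit to take control of the server. In some cases the IMAP tag (the initial part of an IMAP command) is copied into a character buffer without validation, and that buffer is then passed to vsnprintf as the format string. Before vsnprintf is called, the following format string validation is performed to guard against injection: str.c: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 168:...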

AI score 6.9
Exploits 0

UbuntuCve
added 2007/06/20 9:30 p.m., 32 views

CVE-2007-3294

Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE...

CVSS 7.5 | AI score 6.3 | EPSS 0.0939
Exploits 0 | References 1

Prion
added 2007/06/20 9:30 p.m., 14 views

Buffer overflow

Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE...

CVSS 7.5 | AI score 8.4 | EPSS 0.0939
Exploits 0 | References 4 | Affected Software 1

NVD
added 2007/06/20 9:30 p.m., 16 views

CVE-2007-3294

Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE...

CVSS 7.5 | AI score 7.8 | EPSS 0.0939
Exploits 0 | References 4

Tenable Nessus
added 2004/07/31 12:0 a.m., 34 views

Mandrake Linux Security Advisory : dhcp (MDKSA-2004:061)

A vulnerability in how ISC's DHCPD handles syslog messages can allow a malicious attacker with the ability to send special packets to the DHCPD listening port to crash the daemon, causing a Denial of Service. It is also possible that they may be able to execute arbitrary code on the vulnerable...

CVSS 10 | AI score 6.1 | EPSS 0.45333
Exploits 0 | References 2

OSV
added 2003/03/07 5:0 a.m., 1 view

DEBIAN-CVE-2003-0107

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code...

CVSS 7.5 | AI score 7.8 | EPSS 0.2554
Exploits 1 | References 1

CVE
added 2002/03/09 5:0 a.m., 45 views

CVE-2001-0850

The CVE-2001-0850 entry concerns a configuration error in the libdb1 package of OpenLinux 3.1. The vulnerability arises from insecure versions of snprintf and vsnprintf used by libdb1, which could allow local or remote users to trigger a buffer overflow. Affected software: OpenLinux 3.1 (libdb1)....

CVSS 10 | AI score 7 | EPSS 0.02335
Exploits 0 | References 2 | Affected Software 1