724 matches found
SuSE 10 Security Update : gimp (ZYPP Patch Number 8251)
This update of The Gimp fixes a heap overflow that could have been exploited by attackers to cause a Denial of Service application crash or even to potentially execute arbitrary code. CVE-2012-3402 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novel...
SuSE 10 Security Update : dhcp (ZYPP Patch Number 8245)
This update of dhcp fixed two security vulnerabilities : - Malformed client identifiers could cause a Denial of Service excessive CPU consumption, effectively causing further client requests to not be processed anymore. CVE-2012-3571 - Two unspecified memory leaks. CVE-2012-3954 %NASLMINLEVEL 703...
SuSE 10 Security Update : flash-player (ZYPP Patch Number 8249)
This update of flash-player fixes a security issue that could allow attackers to execute arbitrary code remotely. CVE-2012-1535 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
SuSE 10 Security Update : libjpeg (ZYPP Patch Number 8233)
This update to libjpeg fixes a heap overflow in the JPEG decompression functions. CVE-2012-2806 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid61567;...
SuSE 10 Security Update : libpng (ZYPP Patch Number 8234)
An integer overflow has been fixed in libpng. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid61547; scriptversion"1.5";...
SuSE 10 Security Update : apache2-mod_python (ZYPP Patch Number 8127)
Apache2 modpython has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. CVE-2012-1150 As some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced modul...
SuSE 10 Security Update : bash (ZYPP Patch Number 8217)
Parsing the /dev/fd prefix could have lead to a stack-based buffer overflow which could have been exploited by attackers to bypass security restrictions. CVE-2012-3410 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : Gimp (ZYPP Patch Number 8219)
This update of Gimp fixed a NULL pointer dereference flaw in the fit format handler. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid61453; scriptversion"1.4";...
SuSE 10 Security Update : libtiff (ZYPP Patch Number 8230)
This update of tiff fixes a heap-based buffer overflow that could have caused a crash or potentially allowed attackers to execute arbitrary code. CVE-2012-3401 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : libexif (ZYPP Patch Number 8224)
Various overflows and other security related bugs in libexif were found by the Google Security team and fixed by the libexif developers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...
SuSE 10 Security Update : libxslt (ZYPP Patch Number 8207)
The following issue has been fixed : - Specially crafted XSL documents could have crashed libxslt. CVE-2012-2825 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SuSE 10 Security Update : libtiff (ZYPP Patch Number 8199)
The following issue has been fixed : - Specially crafted tiff files could have caused overflows in libtiff. CVE-2012-2088 / CVE-2012-2113 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc...
SuSE 10 Security Update : pidgin, finch and libpurple (ZYPP Patch Number 8220)
This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. CVE-2012-3374 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text descripti...
SuSE 10 Security Update : net-snmp (ZYPP Patch Number 8153)
This update to net-snmp resolves the following issues : - Specially crafted SNMP GET requests could cause a denial of service application crash via a heap-based out-out-bounds read flaw which could be exploited remotely. CVE-2012-2141 - After rotating the net-snmp log file, use 'try-restart' to...
SuSE 10 Security Update : RPM (ZYPP Patch Number 8184)
Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service application crash or potentially allow attackers to execute arbitrary code. Additionally, a non-security issue was fixed that could cause a division ...
SuSE 10 Security Update : clamav (ZYPP Patch Number 8200)
The following issue has been fixed : - Viruses contained in specially crafted tar or CHM files could have evaded detection by clamav. CVE-2012-1457 / CVE-2012-1458 / CVE-2012-1459 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : gdk-pixbuf (ZYPP Patch Number 8158)
This update of gdk-pixbuf fixes multiple buffer overflows that could have caused a crash or potentially have allowed heap corruptions. CVE-2011-2485 / CVE-2012-2370 / CVE-2011-2897 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : gtk2 (ZYPP Patch Number 8174)
The following issue has been fixed : - Specially crafted GIF and XBM files could have crashed gtk2. CVE-2012-2370 / CVE-2011-2485 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
SuSE 10 Security Update : socat (ZYPP Patch Number 8186)
This update fixes two small security issues in socat : - Fixed a stack overflow in commandline parsing bnc627475 / CVE-2010-2799 Only exploitable if an attacker can control the commandline parameters. - Fixed heap overflow in READLINE output mode. bnc759859 / CVE-2012-0219 %NASLMINLEVEL 70300 C...
SuSE 10 Security Update : wireshark (ZYPP Patch Number 8168)
This version upgrade of wireshark fixes multiple denial of service flaws : - denial of service via memory alignment flaw. CVE-2012-2394 - DIAMETER memory allocation flaw. CVE-2012-2393 - denial of service in multiple dissectors / parsers Additionally, various other non-security bug fixes have bee...