Download
| Alert*
oval:org.secpod.oval:def:4729
The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:300108 Multiple vulnerabilities has been found and corrected in gzip: A missing input sanitation flaw was found in the way gzip used to decompress data blocks for dynamic Huffman codes. A remote attacker could provide a specially-crafted gzip compressed data archive, which once opened by a local, unsuspect ... oval:org.secpod.oval:def:4719 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted archive that uses LZW compression. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:100258 The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your system, because it is a very commonly used data compression program. oval:org.secpod.oval:def:100840 The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your system, because it is a very commonly used data compression program. oval:org.secpod.oval:def:500325 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch compression algorithm. If a victim expanded a specially-crafted archive, it could cause ... oval:org.mitre.oval:def:7495 Several vulnerabilities have been found in gzip, the GNU compression utilities. The Common Vulnerabilities and Exposures project identifies the following problems: Thiemo Nagel discovered a missing input sanitation flaw in the way gzip used to decompress data blocks for dynamic Huffman codes, which ... oval:org.secpod.oval:def:202674 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. If a victim expanded a specially-crafted archive, it could c ... oval:org.secpod.oval:def:200007 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch compression algorithm. If a victim expanded a specially-crafted archive, it could cause ... oval:org.secpod.oval:def:200106 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch compression algorithm. If a victim expanded a specially-crafted archive, it could cause ... oval:org.secpod.oval:def:201933 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch compression algorithm. If a victim expanded a specially-crafted archive, it could cause ... oval:org.mitre.oval:def:11897 Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive. oval:org.secpod.oval:def:700201 It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program. A ... oval:org.secpod.oval:def:201865 The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch compression algorithm. If a victim expanded a specially-crafted archive, it could cause ... oval:org.secpod.oval:def:301071 A vulnerability has been found and corrected in ncompress: An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch compression algorithm. A remote attacker could provide a specially-crafted LZW compressed ... oval:org.secpod.oval:def:400049 Specially crafted PDF files could crash acroread. Attackers could potentially exploit that to execute arbitrary code CVE-2009-3953, CVE-2009-3957, CVE-2009-4324. Acrobat reader was updated to version 9.3 to fix the security issues. Note: Due to integration issues with the major version update of acr ... oval:org.secpod.oval:def:600070 Several vulnerabilities have been found in gzip, the GNU compression utilities. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2624 Thiemo Nagel discovered a missing input sanitation flaw in the way gzip used to decompress data blocks for dynamic Huffman ... oval:org.secpod.oval:def:600150 Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive. For the stable distribution , this problem has been fixed in version 4.2.4 ... |