Download
| Alert*
oval:org.secpod.oval:def:361
The host is installed with Apple iTunes before 10.2 or Apple Safari before 5.0.4 and is prone to buffer overflow vulnerability. A flaw is present in LibTIFF in ImageIO, which fails to handle TIFF images with JPEG encoding. Successful exploitation could allow remote attackers to execute arbitrary cod ... oval:org.secpod.oval:def:600575 The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This update fixes this problem . For reference, the description of the original DSA, which fixed CVE-2011-0191 CVE-2011-0192 CVE-2011-1167 CVE-2011-0191 A buffer overflow allows to execute a ... oval:org.secpod.oval:def:600561 Several vulnearbilities were discovered in the TIFF manipulation and conversion library: CVE-2011-0191 A buffer overflow allows to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. This issue affects the Debian 5.0 Lenny package only. CVE-2011-0192 A bu ... oval:org.secpod.oval:def:700257 Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu ... oval:org.secpod.oval:def:2882 The host is installed with Apple iTunes before 10.2 or Apple Safari 5.0.4 or Apple Mac OS X 10.6.0 through 10.6.6 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to handle a crafted TIFF image with JPEG encoding. Successful exploitation could allow re ... oval:org.secpod.oval:def:300430 Multiple vulnerabilities were discovered and corrected in libtiff: Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding . Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3 ... oval:org.secpod.oval:def:400008 The openSUSE 11.3 kernel was updated to 2.6.34.8 to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-1493: In the rose networking stack, when parsing the FAC_NATIONAL_DIGIS facilities field, it was possible for a remote host to provide more digipeaters than e ... oval:org.secpod.oval:def:3050 The host is missing an important security update according to, APPLE-SA-2011-03-21-1. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:17340 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:2677 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:2936 The host is missing an APPLE-SA-2011-03-02-1 iTunes 10.2 update according to Apple Product Security. The update is required to fix denial of service vulnerability in Apple iTunes. The flaws are present in WebKit, ImageIO and libxml which fails to handle vectors related to iTunes Store browsing, craf ... oval:org.secpod.oval:def:2935 The host is missing an APPLE-SA-2011-03-02-1 iTunes 10.2 update according to Apple Product Security. The update is required to fix denial of service vulnerability in Apple iTunes. The flaws are present in WebKit, ImageIO and libxml which fails to handle vectors related to iTunes Store browsing, craf ... |