
A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for CVE-2005-0706 were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0. This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this ...

Two buffer overflow vulnerabilities were discovered in GNU enscript, which could allow an attacker to execute arbitrary commands via a specially crafted ASCII file, if the file were opened with the -e or --escapes option enabled. The updated packages have been patched to prevent these issues.

A buffer overflow was found by Russell O'Conner in the libsamplerate library versions prior to 0.1.4 that could possibly lead to the execution of arbitrary code via a specially crafted audio file. The updated packages have been patched to prevent this issue.

The ReadImage function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact. The updated packages have been patched to correct this issue.

Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data. The updated packages have been patched to prevent the issue.

A stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a disk or image file that contains a long joliet file name. In addition, failed UTF-8 conversions that would cause a segfault on certain ISOs were also fixed. The updated packages have been patched to correct this issue.

A buffer overflow in PCRE 7.x before 7.6 allows remote attackers to execute arbitrary code via a regular expression that contains a character class with a large number of characters with Unicode code points greater than 255. The updated packages have been patched to correct these issues.

A flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash. The updated packages have been patched to correct these issues.

Tavis Ormandy of Google Security discovered an invalid pointer flaw in unzip that could lead to the execution of arbitrary code with the privileges of the user running unzip. The updated packages have been patched to correct this issue.

Rob Holland found several programming errors in WordNet which could lead to the execution of arbitrary code when used with untrusted input. The updated packages have been patched to prevent these issues.



© SecPod Technologies