[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Multiple vulnerabilities has been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of ...

Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input . Update: The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that corrects the issue and also notes the additional assigned CVE name for these issues.

Kalle Olavi Niemitalo found two boundary errors in the fsplib library, a copy of which is included in gFTP source. A remote attacer could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a denial of service . The updated packages have been patched to correct these issues.

An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file . Other bugs have also been corrected in 0.94.1 which is being provided with this update.

A vulnerability in the Net::DNS perl module was found that could allow remote attackers to cause a denial of service via a crafted DNS response. The updated packages have been patched to correct this issue.

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ":safe", did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration . A stack-based buffer overflow in emacs could allow user-ass ...

A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code . In addition, the fixes for CVE-2005-0706 were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 . This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this ...

Two buffer overflow vulnerabilities were discovered in GNU enscript, which could allow an attacker to execute arbitrary commands via a specially crafted ASCII file, if the file were opened with the -e or --escapes option enabled . The updated packages have been patched to prevent these issues.

A buffer overflow was found by Russell O"Conner in the libsamplerate library versions prior to 0.1.4 that could possibly lead to the execution of arbitrary code via a specially crafted audio file . The updated packages have been patched to prevent this issue.

The ReadImage function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact. The updated packages have been patched to correct this issue.


Pages:      Start    170    171    172    173    174    175    176    177    178    179    180    181    182    ..   182

© SecPod Technologies