[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Two vulnerabilities discovered in xine-lib allow remote execution of arbitrary code: Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_dump_header function and related to disregarding the max field. Multiple heap-based buffer overflows ...

Pavel Polischouk found a boundary error in the PartsBatch class in the Pan newsreader when processing .nzb files, which could allow remote attackers to cause a denial of serice or possibly execute arbitrary code via a crafted .nzb file . The updated packages have been patched to prevent this issue.

Stefan Cornelius of Secunia Research reported a boundary error when Blender processed RGBE images which could be used to execute arbitrary code with the privileges of the user running Blender if a specially crafted .hdr or .blend file were opened. As well, multiple vulnerabilities involving insecure usage of temporary files had also been reported . The updated packages have been patched to prevent ...

A heap-based buffer overflow was found in GNU ed that allowed context-dependent or user-assisted attackers to execute arbitrary code via a long filename . This update provides GNU ed 1.0, which is not vulnerable to this issue.

Alan Rad Pop of Secunia Research discovered the following two vulnerabilities in Evolution: Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the Itip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or potentially execute arbitrary code with the user"s privileges . Evolution also did n ...

Chris Evans of the Google Security Team found a vulnerability in the RC4 processing code in libxslt that did not properly handle corrupted key information. A remote attacker able to make an application linked against libxslt process malicious XML input could cause the application to crash or possibly execute arbitrary code with the privileges of the application in question . The updated packages h ...

A vulnerability was found in the SILC toolkit before version 1.1.5 that allowed a remote attacker to cause a denial of service , or possibly execute arbitrary code via long input data . A vulnerability was found in the SILC toolkit before version 1.1.7 that allowed a remote attacker to execute arbitrary code via a crafted PKCS#2 message . The updated packages have been patched to correct these iss ...

A vulnerability was found and corrected in bash: A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditinal command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash . Ad ...

A vulnerability has been found and corrected in graphicsmagick: The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service via a crafted PNG file that triggers incorrect memory allocation . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in lvm2: The cluster logical volume manager daemon in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted control commands . The updated pac ...


Pages:      Start    172    173    174    175    176    177    178    179    180    181    182    ..   182

© SecPod Technologies