[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 81470 Download | Alert*

Multiple vulnerabilities has been found and corrected in openafs: The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro . Heap-based buffer overflow in the cache manager ...

Security vulnerabilities have been discovered and corrected in gstreamer0.10-plugins-good, might allow remote attackers to execute arbitrary code via a malformed QuickTime media file . The updated packages have been patched to prevent this.

A vulnerability has been found and corrected in xerces-c: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework . This update provid ...

A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a config ...

A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font in a document . The updated packages have been patched to correct these issues.

A vulnerability has been found and corrected in proftpd: Heap-based buffer overflow in the sql_prepare_where function in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query . Packages for 2009. ...

Multiple vulnerabilities has been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of ...

Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input . Update: The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that corrects the issue and also notes the additional assigned CVE name for these issues.

Kalle Olavi Niemitalo found two boundary errors in the fsplib library, a copy of which is included in gFTP source. A remote attacer could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a denial of service . The updated packages have been patched to correct these issues.

An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file . Other bugs have also been corrected in 0.94.1 which is being provided with this update.


Pages:      Start    8065    8066    8067    8068    8069    8070    8071    8072    8073    8074    8075    8076    8077    8078    ..   8146

© SecPod Technologies