[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A vulnerability has been found and corrected in gd: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details a ...

Some vulnerabilities were discovered and corrected in bind: Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled , allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive ...

Multiple vulnerabilities has been found and corrected in apache : The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service via a cookie that lacks both a name and a value . scoreboard.c in the Apache ...

Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file . Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeTyp ...

A vulnerability has been found and corrected in php: The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a crafted argument . Packages for 2008.0 are provided for Corporate Desktop 2008 ...

Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings . ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers ...

Multiple vulnerabilities has been found and corrected in mysql: The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST . The server cou ...

Multiple vulnerabilities has been found and corrected in gzip: A missing input sanitation flaw was found in the way gzip used to decompress data blocks for dynamic Huffman codes. A remote attacker could provide a specially-crafted gzip compressed data archive, which once opened by a local, unsuspecting user would lead to denial of service or, potentially, to arbitrary code execution with the priv ...

Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file . Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeTyp ...

Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings . The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc call ...


Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   182

© SecPod Technologies