[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6597 Download | Alert*

Two vulnerabilities have been discovered in libdbd-pg-perl, the DBI driver module for PostgreSQL database access (DBD::Pg). A heap-based buffer overflow may allow attackers to execute arbitrary code through applications which read rows from the database using the pg_getline and getline functions. (More common retrieval methods, such as selectall_arrayref and fetchrow_array, are not affected.) A me ...

Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins. The Common Vulnerabilities and Exposures project identifies the following problems: Tobias Klein discovered a buffer overflow in the quicktime stream demuxer (qtdemux), which could potentially lead to the execution of arbitrary code via crafted .mov files. Tobias Klein discovered an array ind ...

Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML. The Common Vulnerabilities and Exposures project identifies the following problems: Chris Evans and Damien Miller, discovered multiple stack-based buffer overflow. An attacker could execute arbitrary code via a TeX file with long picture, circle, input tags. Chris Evans discovered that mimeTeX contained c ...

Nico Golde discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a buffer overflow in the HTTP Basic Authentication code, allowing a remote attacker to crash PeerCast or execute arbitrary code.

Multiple buffer overflows involving HTTP header and playlist parsing have been discovered in streamripper (CVE-2007-4337, CVE-2008-4829). For the stable distribution (etch), these problems have been fixed in version 1.61.27-1+etch1. For the unstable distribution (sid) and the testing distribution (lenny), these problems have been fixed in version 1.63.5-2. We recommend that you upgrade your stream ...

Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library"s free routine, potentially leading to arbitrary code execution (CVE-2008-0888).

Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.

Michael Brooks discovered that ctorrent, a text-mode bittorrent client, does not verify the length of file paths in torrent files. An attacker can exploit this via a crafted torrent that contains a long file path to execute arbitrary code with the rights of the user opening the file. The oldstable distribution (etch) does not contain ctorrent.

Miroslav Lichvar discovered that newt, a windowing toolkit, is prone to a buffer overflow in the content processing code, which can lead to the execution of arbitrary code.

Julien Danjou and Peter De Wachter discovered that a buffer overflow in the XPM loader of Imlib2, a powerful image loading and rendering library, might lead to arbitrary code execution.


Pages:      Start    645    646    647    648    649    650    651    652    653    654    655    656    657    658    ..   659

© SecPod Technologies