
A security vulnerability has been identified and fixed in htmldoc: Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vec ...

A vulnerability was discovered and corrected in graphviz: Stack-based buffer overflow in the push_subg function in parser.y in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service or execute arbitrary code via a DOT file with a large number of Agraph_t elements. This update provides a fix for this vulnerability.

Various stack buffer overflows were discovered and corrected in sarg. Additionally, the previous release fixed CVE-2008-1922. The updated packages have been patched to correct these issues.

Multiple vulnerabilities have been found and corrected in openafs: The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro. Heap-based buffer overflow in the cache manager ...

Security vulnerabilities have been discovered and corrected in gstreamer0.10-plugins-good; these might allow remote attackers to execute arbitrary code via a malformed QuickTime media file. The updated packages have been patched to prevent this.

A vulnerability has been found and corrected in xerces-c: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework. This update provid ...

A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a config ...

A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font in a document. The updated packages have been patched to correct these issues.

A vulnerability has been found and corrected in proftpd: Heap-based buffer overflow in the sql_prepare_where function in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query. Packages for 2009. ...



© SecPod Technologies