[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44042 Download | Alert*

Will Drewry reported multiple flaws in how libicu processed certain malformed regular expressions. If an application linked against libicu, such as OpenOffice.org, processed a carefully-crafted regular expression, it could potentially cause the execution of arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. Other bugs have also been corrected in 0.93.1 which is being provided with this update.

A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes. The updated packages have been patched to correct this issues.

Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client. An integer underflow vulnerability allowed attackers to cause a denial of service and possibly execute arbitrary code with the privileges of the logged-in user . A buffer overflow vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user . An integer signedness vulnerab ...

A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick . Another heap-based buffer overflow vulnerability was found in how ImageMagick ...

A double free vulnerability in Perl 5.8.8 and earlier versions, allows context-dependent attackers to cause a denial of service via a crafted regular expression containing UTF8 characters. The updated packages have been patched to prevent this.

A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library . The ogg123 application in vorbis-tools is similarly affected by this i ...

A flaw was found in exiv2 that would cause exiv2, or applictions linked to libexiv2, to crash on image files with certain metadata in the image . The updated packages have been patched to prevent this issue.

An input validation flaw was found in X.org"s Security and Record extensions. A malicious authorized client could exploit the issue to cause a denial of service or possibly execute arbitrary code with root privileges on the X.org server . An input validation flaw was found in X.org"s MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the dis ...

An integer overflow vulnerability was reported by iDefense with clamav when parsing Portable Executable files packed in he MEW format. This could be exploited to cause a heap-based buffer overflow . Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files . As well, an unspecified vulnerability related to the bzip2 decompression algorithm was also discovered . Oth ...


Pages:      Start    4313    4314    4315    4316    4317    4318    4319    4320    4321    4322    4323    4324    4325    4326    ..   4404

© SecPod Technologies