iDefense Security Advisory 11.30.06 - Remote exploitation of a heap overflow vulnerability in libgsf, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code. iDefense has confirmed the existence of this vulnerability in version 1.14.0 of the Gnome Structured File library. Any applications or libraries that utilize this library for OLE should be considered vulnerable.
5d4c56467eb778c75d08c305bfec51da69d2f5789a00f83e1d00ad34f3088755libwmf version 0.2.8.4 has been found susceptible to an integer overflow in memory allocation that leads to a heap overflow.
bd8dadf074afb77c1e1dcaff5970a2d24b3b85d8a32148d37d67bb55551bbb06iDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included by various vendor's software distributions, could allow attackers to cause a denial of service (DoS) condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the Predictor stream parsing code. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.
8bcb44661cdacec7ceadd97f0cc736bb5622e16f70ec4bc0b0b5a315146b9d5ciDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included by multiple vendor's software distributions, could allow attackers to cause a denial of service (DoS) condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the DCT stream parsing code. The DCTStream::readProgressiveSOF function from xpdf/Stream.cc takes the value of numComps from user-controllable data from within the PDF file. The numComps value is used in a loop to copy data from the file into a pre-allocated buffer in the heap. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.
c6103f732bea5f0f3b3c1eccfb9724f0b4ae65ebb4bcbf19c83b3651216ae70diDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included in various vendors' operating system distributions, could allow attackers to cause a denial of service condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the DCT stream parsing code. The DCTStream::readProgressiveSOF function from xpdf/Stream.cc takes the value of numComps from user-controllable data from within the PDF file. The numComps value is used in a loop to copy data from the file into a pre-allocated buffer in the heap. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.
1f21cf2f6e75e6932a8bc024b1576bb7b23fa3741017033cc4d840230b9e6e54iDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included by multiple vendor's software distributions, could allow attackers to cause a denial of service (DoS) condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the JPX Stream parsing code for decoding embedded JPEG 2000 images. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.
461e2c30244cb0b905fd84506412e0b22210fbc6a3c74965d22b1ee24d1e7f5fiDEFENSE Security Advisory 11.15.05 - Remote exploitation of heap overflow vulnerability in various vendors' implementations of the GTK+ gdk-pixbuf XPM image rendering library could allow for arbitrary code execution. iDEFENSE has confirmed the existence of this vulnerability in gtk+ 2.4.0 compiled from source. It is suspected that previous versions are also affected by this vulnerability.
9a1e17f88fa6218b97ce0ae4ed138dc184c63e9e937e052785cc119ca6a574caiDEFENSE Security Advisory 10.04.05-2 - Remote exploitation of a buffer overflow vulnerability in Symantec AntiVirus Scan Engine can allow remote attackers to execute arbitrary code. iDEFENSE Labs has confirmed the existence of this vulnerability in Symantec AntiVirus Scan Engine 4.0. The vendor has confirmed that the vulnerability also effects products utilizing Symantec AntiVirus Scan Engine 4.3, however Scan Engine 4.1 is not affected.
108341654e1a935e4d2076d655403559fe000d75561a5a6e6110ae15c2361826iDEFENSE Security Advisory 10.04.05-1 - Remote exploitation of a buffer overflow vulnerability in the University of Washington's IMAP Server (UW-IMAP) allows attackers to execute arbitrary code. iDEFENSE has confirmed the existence of this vulnerability in Washington University imap-2004c1.
7d725edae7244a458754d80ce51bdd887cb05f856c6affc066bdd5364905672biDEFENSE Security Advisory 05.25.05-4 - Remote exploitation of a format string vulnerability in the imap4d server within version 0.6 of the GNU Project's Mailutils package could allow an unauthenticated attacker to execute arbitrary code. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
4cf6b51e3b3de7821c70ccf23e85db00e625d0bb564cf87adce27d31b50b5a98iDEFENSE Security Advisory 05.25.05-3 - Remote exploitation of an input validation in the FETCH command of the imap4d server from the GNU Project's Mailutils package error may allow an authenticated remote attacker to perform a denial of service against an affected system. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
4c5aa30186c7162b02ebf906f88e2e4cd4f93d8df4ce8ddb3d8efc62e4187276iDEFENSE Security Advisory 05.25.05-2 - Remote exploitation of an integer overflow in the fetch_io function of the imap4d server from the GNU Project's Mailutils package error may allow an authenticated remote attacker to execute arbitrary code. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
7fb4d239272860005e990f7075e20c3f020b270fdedb6c8daade3f143553ad88iDEFENSE Security Advisory 05.25.05-1 - Exploitation of a buffer overflow vulnerability in the mail binary of the GNU Projects Mailutils package may allow a remote attacker to execute commands with the privileges of the targeted user. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions may also be affected.
1ceee07eb37061ac9fd8bec29cf4094c916eb57a1044ae25e6c4c819f1873008Remote root exploit for the preparse_address_1() heap buffer overflow in Smail versions 3.20.120 and below.
03fa4cf4484ee5197112b1be3896401a73baeca9c53af9ffcfb129454017221eSmail versions 3.20.120 and below are susceptible to a remote root heap buffer overflow vulnerability and local signal handling vulnerabilities as well. Patch included.
687ed526cf062478c0cf3875a41bfd3238dd39ac7abefb34d516fac6450a322aiDEFENSE Security Advisory 02.21.05 - Remote exploitation of a stack-based buffer overflow in various Unix / Linux vendors implementations of cURL could allow for arbitrary code execution on the targeted host. An exploitable stack-based buffer overflow condition exists when using Kerberos authentication.
a50d1b9c40577ef0879856693b164ebd622ca9837cccf42b229ed787f877b279iDEFENSE Security Advisory 02.21.05 - Remote exploitation of a stack-based buffer overflow in various Unix / Linux vendors implementations of cURL could allow for arbitrary code execution on the targeted host. An exploitable stack-based buffer overflow condition exists when using NT Lan Manager (NTLM) authentication.
747bd27de063e14c01ea3bbdf599000f8a09b4f4b02690d729244fdbd998fe3eiDEFENSE Security Advisory 12.21.2004-5 - Remote exploitation of an integer overflow in libtiff may allow for the execution of arbitrary code. The overflow occurs in the parsing of TIFF files set with the STRIPOFFSETS flag in libtiff/tif_dirread.c.
8a8254c9fc0b1a9b393e44e322fac00ab2ce5872586a7de59b5126de5d2f2431iDEFENSE Security Advisory 12.21.2004-4 - Remote exploitation of a heap-based buffer overflow vulnerability within the LibTIFF package could allow attackers to execute arbitrary code.
29d38151960c7c164835aed41fe8fc1b9de34bb6dce44ac108c2d43e583658a1iDEFENSE Security Advisory 12.13.2004 - Remote exploitation of an integer overflow vulnerability in various vendors' implementations of the read_prf_file method in the xzgv program could allow for arbitrary code execution.
5393676d2ee5c00ab36a17babbea1215962c2e1c88dc9a22161fdebf79ec7187zgv uses malloc() frequently to allocate memory for storing image data. When calculating how much to allocate, user supplied data from image headers is multiplied and/or added without any checks for arithmetic overflows. There are a total of 11 overflows that are exploitable to execute arbitrary code.
384321769122fcd48526d6ca52ea357c6591e42351db86b1769e1b9d247e3dd5Remote root exploit for a heap buffer overflow in wvftp-0.9.
9593f0c5fd5fd0c44d00731d177d4bc57c6937f84780bfbf1801854b65e8faf1The GNU tftp client in the inetutils-1.4.2 is susceptible to buffer overflow attacks. Due to untrusted data from DNS resolved hostname being copied into finite static buffers without any bounds checking, several buffers can be overflowed in the .bss. Arbitrary code execution is possible.
5eb3d155894c1cfde68846c89bedeb4204bb3d8d2f781339cec732d062d962a0Improper verification of header fields lets an attacker make the pppd server from ppp-241 access memory it isn't allowed to, resulting in a crash of the server. There is no possibility of code execution, as there is no data being copied, just a pointer dereferenced.
574ce2da45902592be233f5fc4f8dac25e1f63f317486c8767787082f1cd1486Local exploit tested against libxml2-2.6.12 and libxml2-2.6.13 that makes use of libxml remotely exploitable buffer overflows.
df45b66cae305c03efbb5a88fba4a7f4c1d037611a3521f385486026caaff373
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed