Next Page >>
crafted
advisory outlines the details of these vulnerabilities:
* VPN Authentication Bypass when Account Override Feature is Used
vulnerability
* Crafted HTTP packet denial of service (DoS) vulnerability
* Crafted TCP Packet DoS vulnerability
* Crafted H.323 packet DoS vulnerability
----------------------------
Vulnerability Descriptions
----------------------------
1. Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes
evades detection.
Affected products -
ClamAV 0.96.4, CAT-QuickHeal 11.00
| | All versions | All versions |
| Privilege Escalation Vulnerability | prior to A1 | prior to A2 |
| | (8a) | (1.2) |
|-------------------------------------+--------------+--------------|
| | All versions | All versions |
| Crafted SSH Packet Vulnerability | prior to A3 | prior to A2 |
| | (2.1) | (1.3) |
|-------------------------------------+--------------+--------------|
| Crafted Simple Network Management | All versions | All versions |
| Protocol version 2 (SNMPv2) Packet | prior to A3 | prior to A2 |
| Vulnerability | (2.1) | (1.3) |
Vulnerabilities
* Skinny Client Control Protocol (SCCP) Inspection Denial of
Service Vulnerability
* WebVPN Datagram Transport Layer Security (DTLS) Denial of Service
Vulnerability
* Crafted TCP Segment Denial of Service Vulnerability
* Crafted Internet Key Exchange (IKE) Message Denial of Service
Vulnerability
* NT LAN Manager version 1 (NTLMv1) Authentication Bypass
Vulnerability
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive
Security Appliances and Cisco PIX Security Appliances. This security
advisory outlines details of these vulnerabilities:
* Crafted TCP ACK Packet Vulnerability
* Crafted TLS Packet Vulnerability
* Instant Messenger Inspection Vulnerability
* Vulnerability Scan Denial of Service
* Control-plane Access Control List Vulnerability
+--------------------------------------------------------------------
Summary
=======
Two crafted packet vulnerabilities exist in the Cisco Firewall
Services Module (FWSM) that may result in a reload of the FWSM. These
vulnerabilities can be triggered during the processing of HTTPS
requests, or during the processing of Media Gateway Control Protocol
(MGCP) packets.
Details follow:
It was discovered that xine-lib did not correctly handle certain malformed
Ogg and Windows Media files. If a user or automated system were tricked into
opening a specially crafted Ogg or Windows Media file, an attacker could cause
xine-lib to crash, creating a denial of service. This issue only applied to
Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. (CVE-2008-3231)
It was discovered that the MNG, MOD, and Real demuxers in xine-lib did not
correctly handle memory allocation failures. If a user or automated system were
_______________________________________________________________________
Problem Description:
An out-of-bounds reading flaw in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0799).
Multiple input validation flaws in the JBIG2 decoder allows
remote attackers to execute arbitrary code via a crafted PDF file
(CVE-2009-0800).
+--------------------------------------------------------------------
Summary
=======
Two crafted packet vulnerabilities exist in the Cisco PIX 500 Series
Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security
Appliance (ASA) that may result in a reload of the device. These
vulnerabilities are triggered during processing of Media Gateway
Control Protocol (MGCP) packets, or during processing of Transport
Layer Security (TLS) traffic that terminates on the PIX or ASA security
Multiple security vulnerabilities has been discovered and corrected
in poppler:
An out-of-bounds reading flaw in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0799).
Multiple input validation flaws in the JBIG2 decoder allows
remote attackers to execute arbitrary code via a crafted PDF file
(CVE-2009-0800).
Multiple vulnerabilities has been found and corrected in poppler:
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
and earlier allow remote attackers to cause a denial of service
(crash) via a crafted PDF file, related to (1) setBitmap and (2)
readSymbolDictSeg (CVE-2009-0146).
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier allow remote attackers to cause a denial of service (crash)
via a crafted PDF file (CVE-2009-0147).
Problem Description:
Multiple integer overflows in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
other products allow remote attackers to cause a denial
of service (crash) via a crafted PDF file, related to (1)
JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
earlier allows remote attackers to cause a denial of service (daemon
Problem Description:
Multiple integer overflows in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
other products allow remote attackers to cause a denial
of service (crash) via a crafted PDF file, related to (1)
JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
earlier allows remote attackers to cause a denial of service (daemon
Problem Description:
Multiple integer overflows in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
other products allow remote attackers to cause a denial
of service (crash) via a crafted PDF file, related to (1)
JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
earlier allows remote attackers to cause a denial of service (daemon
CVE-2007-1667
Multiple integer overflows in XInitImage function in xwd.c for
GraphicsMagick, allow user-assisted remote attackers to cause a
denial of service (crash) or obtain sensitive information via
crafted images with large or negative values that trigger a
buffer overflow. It only affects the oldstable distribution (etch).
CVE-2007-1797
Multiple integer overflows allow remote attackers to execute arbitrary
following vulnerabilities:
* Malformed HTTP or HTTPS authentication response denial of service
vulnerability
* SSH connections denial of service vulnerability
* Crafted HTTP or HTTPS request denial of service vulnerability
* Crafted HTTP or HTTPS request unauthorized configuration
modification vulnerability
Cisco has released free software updates that address these
vulnerabilities.
CVE-2007-1667
Multiple integer overflows in XInitImage function in xwd.c for
ImageMagick, allow user-assisted remote attackers to cause a denial of
service (crash) or obtain sensitive information via crafted images with
large or negative values that trigger a buffer overflow. It only affects
the oldstable distribution (etch).
CVE-2007-1797
CVE-2009-0146
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, and other products allow remote
attackers to cause a denial of service (crash) via a crafted PDF file,
related to (1) JBIG2SymbolDict::setBitmap and (2)
JBIG2Stream::readSymbolDictSeg.
CVE-2009-0147
CVE-2009-0146
Multiple buffer overflows in the JBIG2 decoder in kpdf allow
remote attackers to cause a denial of service (crash) via a
crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and
(2) JBIG2Stream::readSymbolDictSeg.
CVE-2009-0147
Multiple integer overflows in the JBIG2 decoder in kpdf allow
Multiple vulnerabilities has been identified and fixed in ffmpeg:
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
pointer arithmetic, which might allow remote attackers to obtain
sensitive memory contents and cause a denial of service via a crafted
file that triggers an out-of-bounds read. (CVE-2009-4632)
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
comparison operator was intended, which might allow remote attackers
to cause a denial of service and possibly execute arbitrary code via
_______________________________________________________________________
Problem Description:
Multiple buffer overflows in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0146).
Multiple integer overflows in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0147).
Multiple vulnerabilities have been identified and fixed in mplayer:
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
pointer arithmetic, which might allow remote attackers to obtain
sensitive memory contents and cause a denial of service via a crafted
file that triggers an out-of-bounds read. (CVE-2009-4632)
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
comparison operator was intended, which might allow remote attackers
to cause a denial of service and possibly execute arbitrary code via
Multiple vulnerabilities have been identified and fixed in blender:
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
pointer arithmetic, which might allow remote attackers to obtain
sensitive memory contents and cause a denial of service via a crafted
file that triggers an out-of-bounds read. (CVE-2009-4632)
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
comparison operator was intended, which might allow remote attackers
to cause a denial of service and possibly execute arbitrary code via
Problem Description:
Vulnerabilities have been discovered and corrected in xine-lib:
Failure on Ogg files manipulation can lead remote attackers to cause
a denial of service by using crafted files (CVE-2008-3231).
Failure on manipulation of either MNG or Real or MOD files can lead
remote attackers to cause a denial of service by using crafted files
(CVE: CVE-2008-5233).
update handles this issue by completely disabling MD2 for certificate
validation in OpenJDK. (CVE-2009-2409)
It was discovered that ICC profiles could be identified with
".." pathnames. If a user were tricked into running a specially
crafted applet, a remote attacker could gain information about a local
system. (CVE-2009-3728)
Peter Vreugdenhil discovered multiple flaws in the processing of graphics
in the AWT library. If a user were tricked into running a specially
crafted applet, a remote attacker could crash the application or run
_______________________________________________________________________
Problem Description:
Failure on Ogg files manipulation can lead remote attackers to cause
a denial of service by using crafted files (CVE-2008-3231).
Failure on manipulation of either MNG or Real or MOD files can lead
remote attackers to cause a denial of service by using crafted files
(CVE: CVE-2008-5233).
Multiple vulnerabilities was discovered and corrected in the
OpenOffice.org:
Integer overflow allows remote attackers to execute arbitrary code
via a crafted XPM file that triggers a heap-based buffer overflow
(CVE-2009-2949).
Heap-based buffer overflow allows remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code
via a crafted GIF file, related to LZW decompression (CVE-2009-2950).
memory use by listing this filename. (CVE-2010-4565)
The install_special_mapping function in mm/mmap.c does not make an
expected security_file_mmap function call, which allows local users
to bypass intended mmap_min_addr restrictions and possibly conduct
NULL pointer dereference attacks via a crafted assembly-language
application. (CVE-2010-4346)
The sk_run_filter function does not check whether a certain memory
location has been initialized before executing a BPF_S_LD_MEM
or BPF_S_LDX_MEM instruction, which allows local users to obtain
Details follow:
Sauli Pahlman discovered that the TIFF library incorrectly handled invalid
td_stripbytecount fields. If a user or automated system were tricked into
opening a specially crafted TIFF image, a remote attacker could crash the
application, leading to a denial of service. This issue only affected
Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)
Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF
files with an invalid combination of SamplesPerPixel and Photometric
Original advisory details:
Sauli Pahlman discovered that the TIFF library incorrectly handled invalid
td_stripbytecount fields. If a user or automated system were tricked into
opening a specially crafted TIFF image, a remote attacker could crash the
application, leading to a denial of service. This issue only affected
Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)
Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF
files with an invalid combination of SamplesPerPixel and Photometric
Next Page>>
|
