Mandriva Linux Security Advisory 2010-157 - The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. The updated packages have been patched to correct these issues.
Mandriva Linux Security Advisory 2010-156 - The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
The Joomla Zoom component suffers from a remote SQL injection vulnerability.
LINK CMS suffers from a remote SQL injection vulnerability.
AneCMS suffers from a remote SQL injection vulnerability.
Ananta Gazelle CMS suffers from cross-site scripting and local file inclusion vulnerabilities.
4images version 1.7.8 suffers from a remote file inclusion vulnerability.
X Zero Community Classifieds version 5.2 suffers from cross-site scripting and SQL injection vulnerabilities.
Video Script ASP suffers from a database disclosure vulnerability.
UblogReload version 1.0.5 suffers from a database disclosure vulnerability.
The Joomla Biblioteca component version 1.0 Beta suffers from multiple remote SQL injection vulnerabilities.
The Zina component for both Joomla and XOOPS suffers from a remote SQL injection vulnerability.
Secunia Security Advisory - Fedora has issued an update for DeviceKit-power. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
Secunia Security Advisory - A vulnerability has been discovered in FTPGetter Standard, FTPGetter Professional, and FTPGetter Professional Portable Edition, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Fedora has acknowledged a vulnerability in uzbl, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Fedora has issued an update for phpMyAdmin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A vulnerability has been reported in netStartEnterprise, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in the JPodium component for Joomla!, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - A vulnerability has been discovered in 3D-FTP, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been discovered in Auto FTP Manager, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been discovered in MAXdev MD-Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in libgdiplus for Mono, which can be exploited by malicious people to compromise an application using the library.
Secunia Security Advisory - Debian has issued an update for lvm2. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Secunia Security Advisory - l3D has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Content Integrator, which can be exploited by malicious people to disclose system information or potentially sensitive information and cause a DoS (Denial of Service).