[security bulletin] HPSBMA02400 SSRT080144 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code <!– Envelope-to: email@address Delivery-date: Wed, 29 Apr 2009 20:24:03 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LzFNz-00005Y-JT for email@address; Wed, 29 Apr 2009 20:24:03 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by [...]
Posts Tagged ‘Arbitrary Code’
New ffmpeg-debian packages fix arbitrary code execution
[SECURITY] [DSA 1781-1] New ffmpeg-debian packages fix arbitrary code execution <!– Envelope-to: email@address Delivery-date: Wed, 29 Apr 2009 15:46:14 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LzB38-0003Gx-1B for email@address; Wed, 29 Apr 2009 15:46:14 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 6E0AE143F89; Wed, 29 [...]
New mplayer packages fix arbitrary code execution
[SECURITY] [DSA 1782-1] New mplayer packages fix arbitrary code execution Posted by Steffen Joeris on Apr 29 ———————————————————————— Debian Security Advisory DSA-1782-1 security_at_debian.org www.debian.org/security/ Steffen Joeris April 29, 2009 www.debian.org/security/faq … URL: http://seclists.org/fulldisclosure/2009/Apr/0288.html
New ffmpeg-debian packages fix arbitrary code execution
[SECURITY] [DSA 1781-1] New ffmpeg-debian packages fix arbitrary code execution Posted by Steffen Joeris on Apr 29 ———————————————————————— Debian Security Advisory DSA-1781-1 security_at_debian.org www.debian.org/security/ Steffen Joeris April 29, 2009 www.debian.org/security/faq … URL: http://seclists.org/fulldisclosure/2009/Apr/0287.html
Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability
Vuln: Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability URL: http://www.securityfocus.com/bid/34675
[security bulletin] HPSBMA02424 SSRT080125 rev.1 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Bugtraq: [security bulletin] HPSBMA02424 SSRT080125 rev.1 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code [security bulletin] HPSBMA02424 SSRT080125 rev.1 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code URL: http://www.securityfocus.com/archive/1/503024
HPSBMA02424 SSRT080125 rev.1 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
[security bulletin] HPSBMA02424 SSRT080125 rev.1 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code <!– Envelope-to: email@address Delivery-date: Mon, 27 Apr 2009 20:28:59 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LyWVf-0005iO-C6 for email@address; Mon, 27 Apr 2009 20:28:59 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by [...]
1438 (libmodplug)
CVE-2009-1438 (libmodplug) Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1438
1437 (coolplayer)
CVE-2009-1437 (coolplayer) Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1437
Security update for Firefox
Security update for Firefox A new version of the popular web browser Firefox (3.0.9) addresses multiple vulnerabilities, such as POST data being sent to the wrong site when saving web pages, allowing malicious search plug-ins to inject code into arbitrary sites, and cross-site scripting hazards when using third-party stylesheets. Exploitation of these vulnerabilities could enable [...]
1356 (elecard_avc_hd_player)
CVE-2009-1356 (elecard_avc_hd_player) Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1356
1352 (powerchm)
CVE-2009-1352 (powerchm) Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1352
1351 (apollo)
CVE-2009-1351 (apollo) Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1351
1350 (netidentity_client1.2.3)
CVE-2009-1350 (netidentity_client1.2.3) Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1350
0718 (storageworks_storage_mirroring)
CVE-2009-0718 (storageworks_storage_mirroring) Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0718
