Computer Security
[EN] securityvulns.ru no-pyccku


cyrus-imapd / Dovecot integer overflow
Published:07.09.2009
Source:
SecurityVulns ID:10205
Type:library
Threat Level:
5/10
Description:Integer overflow on SIEVE mail flow management scripts processing.
Affected:CYRUS : cyrus-imapd 2.2
Original documentdocumentDEBIAN, [SECURITY] [DSA 1881-1] New cyrus-imapd packages fix arbitrary code execution (07.09.2009)

OpenOffice multiple security vulnerabilities
updated since 02.09.2009
Published:07.09.2009
Source:
SecurityVulns ID:10195
Type:local
Threat Level:
6/10
Description:Buffer overflow and integer overflow on Microsoft Word and EMF documents parsing, vulnerable version in included VCRedist_x86.
Affected:OPENOFFICE : OpenOffice 3.1
CVE:CVE-2009-2139 (Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238.)
 CVE-2009-0201 (Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing.")
 CVE-2009-0200 (Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1880-1] New OpenOffice.org packages fix arbitrary code execution (07.09.2009)
 documentSECUNIA, Secunia Research: OpenOffice.org Word Document Table Parsing Integer Underflow (02.09.2009)
 documentSECUNIA, Secunia Research: OpenOffice.org Word Document Table Parsing Integer Underflow (02.09.2009)
 documentSECUNIA, Secunia Research: OpenOffice.org Word Document Table Parsing Buffer Overflow (02.09.2009)
 documentStefan Kanthak, Vulnerable MSVC++ runtime distributed with OpenOffice.org 3.1.1 for Windows (02.09.2009)

VMWare VMnc code multiple security vulnerabilities
Published:07.09.2009
Source:
SecurityVulns ID:10206
Type:local
Threat Level:
5/10
Description:Buffer overlfow on video files parsing.
Affected:VMWARE : VMware Workstation 6.5
 VMWARE : VMware Player 2.5
 VMWARE : VMware ACE 2.5
 VMWARE : VMware Movie Decoder 6.5
CVE:CVE-2009-2628 (The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.)
 CVE-2009-0199 (Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters).)
Original documentdocumentSECUNIA, Secunia Research: VMWare VMnc Codec Mismatched Dimensions Buffer Overflow (07.09.2009)
 documentVMWARE, VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues. (07.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod