Blogs

Ghostscript buffer overflow vulnerability

http://secunia.com/advisories/29103/ - In versions prior to 8.62, a zseticcspace() buffer overflow could result in arbitrary code execution by a malicious user. It would require the malicious user to upload a malicious postscript file to a system or coax a user into viewing a malicious postscript file. It is recommended to update to v8.62.

Ghostscript buffer overflow vulnerability

http://secunia.com/advisories/29103/ - In versions prior to 8.62, a zseticcspace() buffer overflow could result in arbitrary code execution by a malicious user. It would require the malicious user to upload a malicious postscript file to a system or coax a user into viewing a malicious postscript file. It is recommended to update to v8.62.

Xpdf Multiple Remote Vulnerabilities (through coercion)

http://www.securityfocus.com/bid/26367/info - Xpdf is vulnerable to arbitrary code execution in the context of the xpdf process. This exploit requires convincing the victim to open a malicious pdf file. Xpdf 3.02pl1 is vulnerable to these issues; other versions may also be affected. A patch is available which fixes this hole (ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch). It is recommended to update xpdf when the vendor releases a new version.

Xpdf Multiple Remote Vulnerabilities (through coercion)

http://www.securityfocus.com/bid/26367/info - Xpdf is vulnerable to arbitrary code execution in the context of the xpdf process. This exploit requires convincing the victim to open a malicious pdf file. Xpdf 3.02pl1 is vulnerable to these issues; other versions may also be affected. A patch is available which fixes this hole (ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch). It is recommended to update xpdf when the vendor releases a new version.

Multiple vulnerabilities patched in Thunderbird

http://secunia.com/advisories/29133/ - Multiple vulnerabilities were fixed in Thunderbird. These include heap overflows, information disclosure, directory traversal, privilege escalation and memory corruption crashes. These problems are fixed in version 2.0.0.12. It is worth mentioning that Thunderbird 1.5 is no longer supported. Mozilla has warned that these issues remain in Thunderbird 1.5.14 and are not scheduled to be fixed. It is recommended that all Thunderbird users upgrade to 2.0.0.12.

Pages