Blogs

Yahoo Messenger Heap Overflow in Webcam component

http://research.eeye.com/html/alerts/zeroday/20070812.html - There exists a heap overflow in Yahoo Messenger 8.1.0.413. It allows for remote code execution for users who accept a webcam invite from a malicious source. A patch is currently not available; please verify the person with whom you are chatting before accepting webcam invites.

Yahoo Messenger Heap Overflow in Webcam component

http://research.eeye.com/html/alerts/zeroday/20070812.html - There exists a heap overflow in Yahoo Messenger 8.1.0.413. It allows for remote code execution for users who accept a webcam invite from a malicious source. A patch is currently not available; please verify the person with whom you are chatting before accepting webcam invites.

Yahoo Messenger Heap Overflow in Webcam component

http://research.eeye.com/html/alerts/zeroday/20070812.html - There exists a heap overflow in Yahoo Messenger 8.1.0.413. It allows for remote code execution for users who accept a webcam invite from a malicious source. A patch is currently not available; please verify the person with whom you are chatting before accepting webcam invites.

Integer overflow in gpdf could allow for malicious code execution in PDFs

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 - gpdf is used in various programs including (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, (5) CUPS and (6) tetex, and others. This vulnerability is in gpdf prior to version 2.8.2. Please check with your OS provider for updates of any programs with the ability to read PDFs.

Integer overflow in gpdf could allow for malicious code execution in PDFs

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 - gpdf is used in various programs including (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, (5) CUPS and (6) tetex, and others. This vulnerability is in gpdf prior to version 2.8.2. Please check with your OS provider for updates of any programs with the ability to read PDFs.

Integer overflow in gpdf could allow for malicious code execution in PDFs

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 - gpdf is used in various programs including (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, (5) CUPS and (6) tetex, and others. This vulnerability is in gpdf prior to version 2.8.2. Please check with your OS provider for updates of any programs with the ability to read PDFs.

Microsoft Exchange Multiple Vulnerabilities

http://secunia.com/advisories/25183/ - Four specific vulnerabilities allow for exploits on both clients and the server in the range of Denial of Service (DoS) to running arbitrary code. This affects Exchange 2000 Enterprise Server, Exchange 2000, 2003 and 2007. Patches are available for each of these systems and links are provided at the URL above.

Pages