diff options
author | miwi <miwi@FreeBSD.org> | 2009-10-30 05:59:05 +0800 |
---|---|---|
committer | miwi <miwi@FreeBSD.org> | 2009-10-30 05:59:05 +0800 |
commit | e4348535edfebf9e06f3fa273905d40aa29afa5e (patch) | |
tree | 8ae7820c8e0ec16693aa725dbf7c99998a707d53 /security | |
parent | e78763b33b1aca659c2b5bea3cfe88d218058cfc (diff) | |
download | freebsd-ports-gnome-e4348535edfebf9e06f3fa273905d40aa29afa5e.tar.gz freebsd-ports-gnome-e4348535edfebf9e06f3fa273905d40aa29afa5e.tar.zst freebsd-ports-gnome-e4348535edfebf9e06f3fa273905d40aa29afa5e.zip |
- Fix latest entrys
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 39 |
1 files changed, 24 insertions, 15 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index dba6fd21b58b..0d072473029b 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -46,22 +46,21 @@ Note: Please add new entries to the beginning of this file. <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Securityfocus reports:</p> - <blockquote - cite="http://www.securityfocus.com/bid/34584"> + <blockquote cite="http://www.securityfocus.com/bid/34584"> <p>cTorrent and dTorrent are prone to a remote buffer-overflow - vulnerability because the software fails to properly - bounds-check user-supplied input before copying it to an - insufficiently sized memory buffer.</p> + vulnerability because the software fails to properly + bounds-check user-supplied input before copying it to an + insufficiently sized memory buffer.</p> <p>Successful exploits allow remote attackers to execute - arbitrary machine code in the context of a vulnerable - application. Failed exploit attempts will likely result in - denial-of-service conditions.</p> + arbitrary machine code in the context of a vulnerable + application. Failed exploit attempts will likely result in + denial-of-service conditions.</p> </blockquote> </body> </description> <references> - <cvename>CVE-2009-1759</cvename> <bid>34584</bid> + <cvename>CVE-2009-1759</cvename> <url>http://sourceforge.net/tracker/?func=detail&aid=2782875&group_id=202532&atid=981959</url> </references> <dates> @@ -69,6 +68,7 @@ Note: Please add new entries to the beginning of this file. <entry>2009-10-28</entry> </dates> </vuln> + <vuln vid="c87aa2d2-c3c4-11de-ab08-000f20797ede"> <topic>mozilla -- multiple vulnerabilities</topic> <affects> @@ -236,12 +236,21 @@ Note: Please add new entries to the beginning of this file. <body xmlns="http://www.w3.org/1999/xhtml"> <p>SecurityFocus reports:</p> <blockquote cite="http://www.securityfocus.com/archive/1/507261"> - <p>Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system.</p> - <p>1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows.</p> - <p>2) An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow.</p> - <p>3) Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows.</p> - <p>4) An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file.</p> - <p>Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted PDF file.</p> + <p>Some vulnerabilities have been reported in Xpdf, which can be + exploited by malicious people to potentially compromise a user's + system.</p> + <p>1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" + can be exploited to cause heap-based buffer overflows.</p> + <p>2) An integer overflow error in "ObjectStream::ObjectStream()" + can be exploited to cause a heap-based buffer overflow.</p> + <p>3) Multiple integer overflows in "Splash::drawImage()" can be + exploited to cause heap-based buffer overflows.</p> + <p>4) An integer overflow error in "PSOutputDev::doImageL1Sep()" + can be exploited to cause a heap-based buffer overflow when + converting a PDF document to a PS file.</p> + <p>Successful exploitation of the vulnerabilities may allow execution + of arbitrary code by tricking a user into opening a specially crafted + PDF file.</p> </blockquote> </body> </description> |