Monthly Archive: December 2012

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64...

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash)...

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied...

Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input. Date published : 2012-12-13 http://www.securityfocus.com/bid/56796 http://support.citrix.com/article/CTX135777

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command. Date published : 2012-12-13 http://www.kb.cert.org/vuls/id/876780

Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. Date published : 2012-12-13 http://www.adobe.com/support/security/bulletins/apsb12-28.html

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. Date published : 2012-12-13 http://www.adobe.com/support/security/bulletins/apsb12-28.html

The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. Date published : 2012-12-13 http://www.securityfocus.com/bid/56805...

The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. Date...

The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service...

The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via...

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Date published : 2012-12-13...

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. Date...

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of...