The libexslt library bundled with libxslt is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is present in the RC4 encryption/decryption functions. Versions 1.1.8 through 1.1.24 are affected.
02774ffc00a1109e47a89ae5bf7cae9109a21ab74ca69164ed59e8c5d4f33966
A couple more JPEG ICC parsing bugs were fixed in the latest JDK updates. Link to a malicious JPEG included.
7733f14ba82041871e9e880fa5b320f8d44d631e00cf2e0e340c225595e2abe3
Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.
a7a1a9152fc71552b1f14f698f66e184c5ac9a1846e81b33abc4a33e260b713b
Mandrake Linux Security Update Advisory - Multiple integer overflow issues affect xpdf-2.0 and xpdf-3.0, as well as programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker-controlled location, which probably could lead to arbitrary code execution.
38339c35eb37ea1704d38fa5c8d7a983c7db524a7de177b38224327194a45663
gtk+ version 2.4.4 has heap and stack-based overflows that can allow for the compromise of an account used to browse a malicious XPM file.
109cfb0bda1034d53ac5db82dc78234e1d4ebcc321a14ba9479ce9f09f61a3f0
libXpm versions below 6.8.1 suffer from multiple stack and integer overflows.
fbd8d4486d62e535a9c1f5d140133d5544c6c2766a0a06ffdf2218a3d4d8b4d9
qt version 3.3.2 has a heap overflow in its BMP parser.
a87464ce36d5b5cca9bf4c0ce0467eb6dfb66ef37ec4771fa65754ecf1be3997
libpng version 1.2.5 is susceptible to stack-based buffer overflows and various other code concerns.
9fc510600a44d8e31608573552503b13a04a1c01395734a87d480c64618ef40c
A DoS condition exists in the Linux kernel knfsd server. Remote, unauthenticated users (i.e. those with neither a directory mounted nor permission to mount one) can OOPS the host kernel. The OOPS does not bring down the target host, but it is possible to render the NFS service inoperable until a reboot.
7a554cf14acdc3fef95cadd5e0b687b47576cc0e8024390737cb14e3860d6e69