FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318524
Date:      2013-05-19
Time:      14:06:36Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
68222076-010b-11da-bc08-0001020eed82	tiff -- buffer overflow vulnerability A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Successful exploitation would require the victim to open a specially crafted TIFF image, resulting in the execution of arbitrary code. Discovery 2005-05-10 Entry 2005-07-30 Modified 2006-06-08 tiff lt 3.7.3 linux-tiff lt 3.6.1_3 pdflib pdflib-perl lt 6.0.1_2 gdal lt 1.2.1_2 ivtools lt 1.2.3 paraview lt 2.4.3 fractorama lt 1.6.7_1 iv ja-iv ja-libimg gt 0 CVE-2005-1544 http://bugzilla.remotesensing.org/show_bug.cgi?id=843 http://www.gentoo.org/security/en/glsa/glsa-200505-07.xml http://www.remotesensing.org/libtiff/v3.7.3.html
fc7e6a42-6012-11d9-a9e7-0001020eed82	tiff -- directory entry count integer overflow vulnerability In an iDEFENSE Security Advisory infamous41md reports: Remote exploitation of a heap-based buffer overflow vulnerability within the LibTIFF package could allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient validation of user-supplied data when calculating the size of a directory entry. A TIFF file includes a number of directory entry header fields that describe the data in the file. Included in these entries is an entry count and offset value that are calculated to determine the size and location of the data for that entry. Discovery 2004-12-17 Entry 2005-01-06 Modified 2006-06-08 tiff lt 3.7.1 linux-tiff lt 3.6.1_1 pdflib pdflib-perl lt 6.0.1_1 gdal lt 1.2.1_2 ivtools lt 1.2.3 paraview lt 2.4.3 fractorama lt 1.6.7_1 iv ja-iv ja-libimg gt 0 12075 CVE-2004-1308 http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities 125598
68222076-010b-11da-bc08-0001020eed82	tiff -- buffer overflow vulnerability A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Successful exploitation would require the victim to open a specially crafted TIFF image, resulting in the execution of arbitrary code. Discovery 2005-05-10 Entry 2005-07-30 Modified 2006-06-08 tiff lt 3.7.3 linux-tiff lt 3.6.1_3 pdflib pdflib-perl lt 6.0.1_2 gdal lt 1.2.1_2 ivtools lt 1.2.3 paraview lt 2.4.3 fractorama lt 1.6.7_1 iv ja-iv ja-libimg gt 0 CVE-2005-1544 http://bugzilla.remotesensing.org/show_bug.cgi?id=843 http://www.gentoo.org/security/en/glsa/glsa-200505-07.xml http://www.remotesensing.org/libtiff/v3.7.3.html
fc7e6a42-6012-11d9-a9e7-0001020eed82	tiff -- directory entry count integer overflow vulnerability In an iDEFENSE Security Advisory infamous41md reports: Remote exploitation of a heap-based buffer overflow vulnerability within the LibTIFF package could allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient validation of user-supplied data when calculating the size of a directory entry. A TIFF file includes a number of directory entry header fields that describe the data in the file. Included in these entries is an entry count and offset value that are calculated to determine the size and location of the data for that entry. Discovery 2004-12-17 Entry 2005-01-06 Modified 2006-06-08 tiff lt 3.7.1 linux-tiff lt 3.6.1_1 pdflib pdflib-perl lt 6.0.1_1 gdal lt 1.2.1_2 ivtools lt 1.2.3 paraview lt 2.4.3 fractorama lt 1.6.7_1 iv ja-iv ja-libimg gt 0 12075 CVE-2004-1308 http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities 125598