SUSE Linux Security Advisory: SUSE-SR:2010:008

Back to Search

SUSE Linux Security Advisory: SUSE-SR:2010:008

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

12/17/2009

Created

07/25/2018

Added

12/12/2013

Modified

07/04/2017

Description

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.

Solution(s)

suse-upgrade-apache-jakarta-tomcat-connectors
suse-upgrade-apache2-jakarta-tomcat-connectors
suse-upgrade-gnome-screensaver
suse-upgrade-gnome-screensaver-lang
suse-upgrade-jakarta-tomcat
suse-upgrade-jakarta-tomcat-doc
suse-upgrade-jakarta-tomcat-examples
suse-upgrade-java-1_6_0-ibm
suse-upgrade-java-1_6_0-ibm-alsa
suse-upgrade-java-1_6_0-ibm-fonts
suse-upgrade-java-1_6_0-ibm-jdbc
suse-upgrade-java-1_6_0-ibm-plugin
suse-upgrade-java-1_6_0-sun
suse-upgrade-java-1_6_0-sun-alsa
suse-upgrade-java-1_6_0-sun-demo
suse-upgrade-java-1_6_0-sun-devel
suse-upgrade-java-1_6_0-sun-jdbc
suse-upgrade-java-1_6_0-sun-plugin
suse-upgrade-java-1_6_0-sun-src
suse-upgrade-libtcnative-1-0
suse-upgrade-libtcnative-1-0-debuginfo
suse-upgrade-libtcnative-1-0-debugsource
suse-upgrade-libtcnative-1-0-devel
suse-upgrade-sap-aio-release
suse-upgrade-tomcat
suse-upgrade-tomcat-admin-webapps
suse-upgrade-tomcat-docs-webapp
suse-upgrade-tomcat-el-2_2-api
suse-upgrade-tomcat-javadoc
suse-upgrade-tomcat-jsp-2_2-api
suse-upgrade-tomcat-jsvc
suse-upgrade-tomcat-lib
suse-upgrade-tomcat-servlet-3_0-api
suse-upgrade-tomcat-webapps
suse-upgrade-tomcat5
suse-upgrade-tomcat5-admin-webapps
suse-upgrade-tomcat5-webapps
suse-upgrade-tomcat6
suse-upgrade-tomcat6-admin-webapps
suse-upgrade-tomcat6-docs-webapp
suse-upgrade-tomcat6-el-1_0-api
suse-upgrade-tomcat6-javadoc
suse-upgrade-tomcat6-jsp-2_1-api
suse-upgrade-tomcat6-lib
suse-upgrade-tomcat6-servlet-2_5-api
suse-upgrade-tomcat6-webapps

Related Vulnerabilities

APPLE-SA-2010-01-19-1
APPLE-SA-2010-03-29-1
APPLE-SA-2010-05-18-1
APPLE-SA-2010-05-18-2
35263
36935
37349
37368
37942
37944
37945
38211
38326
39062
39065
39067
39069
39071
39073
39077
39078
39083
TA10-222A
TA10-287A
120541
CVE - 2008-5515
CVE - 2009-2693
CVE - 2009-2901
CVE - 2009-2902
CVE - 2009-3389
CVE - 2009-3555
CVE - 2010-0082
CVE - 2010-0084
CVE - 2010-0085
CVE - 2010-0087
CVE - 2010-0088
CVE - 2010-0089
CVE - 2010-0090
CVE - 2010-0091
CVE - 2010-0092
CVE - 2010-0093
CVE - 2010-0094
CVE - 2010-0095
CVE - 2010-0547
CVE - 2010-0732
CVE - 2010-0837
CVE - 2010-0838
CVE - 2010-0839
CVE - 2010-0840
CVE - 2010-0841
CVE - 2010-0842
CVE - 2010-0843
CVE - 2010-0844
CVE - 2010-0845
CVE - 2010-0846
CVE - 2010-0847
CVE - 2010-0848
CVE - 2010-0849
CVE - 2010-0850
CVE - 2010-0926
DSA-1934
DSA-2141
DSA-2207
DSA-3253
Category I
V0027158
V0031252
2011-A-0066
2012-A-0020
MS10-049
60521
60972
62210
63481
63482
63485
63492
65202
OVAL10057
OVAL10088
OVAL10392
OVAL10422
OVAL10474
OVAL10482
OVAL10680
OVAL10851
OVAL11120
OVAL11173
OVAL11576
OVAL11578
OVAL11617
OVAL11621
OVAL13357
OVAL13492
OVAL13795
OVAL13803
OVAL13923
OVAL13934
OVAL13959
OVAL13971
OVAL14061
OVAL14092
OVAL14101
OVAL14105
OVAL14144
OVAL14208
OVAL14210
OVAL14237
OVAL14276
OVAL14282
OVAL14288
OVAL14321
OVAL14350
OVAL14351
OVAL14453
OVAL14503
OVAL14521
OVAL19355
OVAL19431
OVAL19452
OVAL6445
OVAL7017
OVAL7092
OVAL7315
OVAL7478
OVAL7967
OVAL7973
OVAL8366
OVAL8535
OVAL9855
OVAL9877
OVAL9896
OVAL9899
OVAL9974
RHSA-2010:0119
RHSA-2010:0130
RHSA-2010:0155
RHSA-2010:0165
RHSA-2010:0167
RHSA-2010:0337
RHSA-2010:0338
RHSA-2010:0339
RHSA-2010:0383
RHSA-2010:0471
RHSA-2010:0489
RHSA-2010:0580
RHSA-2010:0582
RHSA-2010:0768
RHSA-2010:0770
RHSA-2010:0786
RHSA-2010:0807
RHSA-2010:0865
RHSA-2010:0986
RHSA-2010:0987
RHSA-2011:0880
SUSE-SA:2009:057
SUSE-SA:2009:063
SUSE-SA:2010:061
SUSE-SR:2010:008
54158
54805
55855
55856
55857
57346

References

suse-upgrade-apache-jakarta-tomcat-connectors
suse-upgrade-apache2-jakarta-tomcat-connectors
suse-upgrade-gnome-screensaver
suse-upgrade-gnome-screensaver-lang
suse-upgrade-jakarta-tomcat
suse-upgrade-jakarta-tomcat-doc
suse-upgrade-jakarta-tomcat-examples
suse-upgrade-java-1_6_0-ibm
suse-upgrade-java-1_6_0-ibm-alsa
suse-upgrade-java-1_6_0-ibm-fonts
suse-upgrade-java-1_6_0-ibm-jdbc
suse-upgrade-java-1_6_0-ibm-plugin
suse-upgrade-java-1_6_0-sun
suse-upgrade-java-1_6_0-sun-alsa
suse-upgrade-java-1_6_0-sun-demo
suse-upgrade-java-1_6_0-sun-devel
suse-upgrade-java-1_6_0-sun-jdbc
suse-upgrade-java-1_6_0-sun-plugin
suse-upgrade-java-1_6_0-sun-src
suse-upgrade-libtcnative-1-0
suse-upgrade-libtcnative-1-0-debuginfo
suse-upgrade-libtcnative-1-0-debugsource
suse-upgrade-libtcnative-1-0-devel
suse-upgrade-sap-aio-release
suse-upgrade-tomcat
suse-upgrade-tomcat-admin-webapps
suse-upgrade-tomcat-docs-webapp
suse-upgrade-tomcat-el-2_2-api
suse-upgrade-tomcat-javadoc
suse-upgrade-tomcat-jsp-2_2-api
suse-upgrade-tomcat-jsvc
suse-upgrade-tomcat-lib
suse-upgrade-tomcat-servlet-3_0-api
suse-upgrade-tomcat-webapps
suse-upgrade-tomcat5
suse-upgrade-tomcat5-admin-webapps
suse-upgrade-tomcat5-webapps
suse-upgrade-tomcat6
suse-upgrade-tomcat6-admin-webapps
suse-upgrade-tomcat6-docs-webapp
suse-upgrade-tomcat6-el-1_0-api
suse-upgrade-tomcat6-javadoc
suse-upgrade-tomcat6-jsp-2_1-api
suse-upgrade-tomcat6-lib
suse-upgrade-tomcat6-servlet-2_5-api
suse-upgrade-tomcat6-webapps

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Advisory: SUSE-SR:2010:008