Red Hat Security Blog: August 2013 archives

  • Tweaking integer overflows

    Integer overflows when calculating the memory size for data structures (such as those holding image data from an image file) are a common source of security vulnerabilities. Often, such integer overflows are initially reported as denial-of-service issues, as the result of an arbitrarily large memory allocation. But with some tweaking, they can be turned into the successful allocation of a memory area that is too small because the integer overflow results in the wrong computed allocation size....
    Posted 2013-08-28T13:00:40+00:00 - 0
  • Apache Tomcat and JBoss Web security flaws

    Apache Tomcat and JBoss Web are two closely related components that have a large amount of code in common. This article explains the difference between these components and examines how security flaws affect them. Apache Tomcat and JBoss Web: Apache Tomcat is a popular open source implementation of the Java Servlet and JavaServer Pages specifications. It is commonly used as a container to host Java-based web applications. Tomcat is distributed as part of both Red Hat Enterprise Linux and Red Hat...
    Posted 2013-08-07T13:30:42+00:00 - 0