104 matches found
Tex Live dvipng工具数组索引漏洞
BUGTRAQ ID: 39969 CVECAN ID: CVE-2010-0829 dvipng是TeX Live所使用的从DVI文件生成PNG或GIF图形的工具。 dvipng工具中存在多个数组索引错误。在texlive-bin-2007.dfsg.2/build/source/texk/dvipng /draw.c文件中,SetChar函数使用了受dvi文件的创建者控制的索引并将其索引到了数组中。如果越过了数组的边界,攻击者就可以设置指向任意值的指针,导致执行任意代码。...
RHEL 5 : tetex (RHSA-2010:0400)
Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
CVE-2010-0829
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...
CVE-2010-0829
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...
CVE-2010-0829
CVE-2010-0829 involves multiple array index errors in set.c within dvipng 1.11/1.12 and the TeX-based TeX/teTeX toolchain, allowing remote attackers to crash the application or possibly run arbitrary code by feeding a malformed DVI file. The provided connected documents confirm the affected compo...
CVE-2010-0829
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...
CVE-2010-0829
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...
CVE-2009-0829
CVE-2009-0829 involves multiple SQL injection vulnerabilities in QuoteBook. The flaws allow remote attackers to execute arbitrary SQL commands by supplying crafted input through the following parameters: (1) MyBox and (2) selectFavorites to quotes.php, and (3) QuoteName and (4) QuoteText to quote...
CVE-2009-0829
creationtimestamp| type| source ---|---|--- 2009-01-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7699...
CVE-2008-0829
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! comjooget 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task...
CVE-2007-0829
CVE-2007-0829 affects avast! Server Edition prior to 4.7.726. The vulnerability is an authentication bypass where the product does not require a password in a particular intended context, allowing local users to bypass authentication requirements. The exploitation is local and results in partial ...
CVE-2006-0829
E-Blah Platinum 9.7 is affected by CVE-2006-0829: a Referer (HTTP_REFERER) XSS vulnerability in the log viewer (“Click Log”). The underlying issue is inadequate sanitization of the Referer leading to execution of arbitrary script when an administrator loads the Log. Reports indicate remote exploi...
CVE-2005-0829
The CVE-2005-0829 entry concerns a Cross-site scripting (XSS) vulnerability in the Digitanium addon to PHP-Fusion 5.01, specifically in setuser.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the user_name or user_pass parameters. Based on the provided do...
CVE-2004-0829
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service daemon crash by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2...
CVE-2004-0829
The provided connected documents confirm CVE-2004-0829 is a DoS vulnerability in Samba prior to 2.2.11, where sending a FindNextPrintChangeNotify without a preceding FindFirstPrintChangeNotify can crash the daemon (as demonstrated by the Windows XP SP2 SMB client). Affected product: Samba (before...
CVE-2004-0829
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service daemon crash by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2...
CVE-2002-0829
Integer overflow in the Berkeley Fast File System FFS in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system...
CVE-2002-0829
CVE-2002-0829: Integer overflow in the Berkeley Fast File System (FFS) on FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file larger than allowed by the virtual memory system. Affects FreeBSD FFS; vulnerability...
CVE-2002-0829
Integer overflow in the Berkeley Fast File System FFS in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system...
CVE-2001-0829
Apache Tomcat 3.x is affected by a cross-site scripting vulnerability (CVE-2001-0829) in which a malicious user can craft a request for a JSP file so that the default error page echoes the user-supplied input without proper escaping. The root cause is the error page displaying unvalidated URLs, a...