94 matches found
CVE-2012-0855
Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...
Les video AI Xin technology source cookie injection vulnerability-vulnerability warning-the black bar safety net
by Mr. DzY from www.0855.tv 源码 下载 :http://www.mycodes.net/25/4585.htm Default background:admin/login. asp Injection point:http://www. xxxx. com/shownews. asp? id=2 1 6 exp: javascript:alertdocument. cookie=”id=”+escape“2 1 6 and 1=2 union select 1,username,password,4,5,6,7,8,9,1 0 from admin”;...
CVE-2011-0855
CVE-2011-0855 : Unspecified vulnerability in the InForm component of Oracle Industry Applications 4.5/4.6/5.0 that allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Core. Connected records corroborate the same description; no CVE-specific exp...
Design/Logic Flaw
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855...
CVE-2010-0855
Technical details about CVE-2010-0855 are not publicly available in the provided connected documents. The sources reference the vulnerability in generic terms and do not specify affected products, root cause, impact, or fixes. Monitor for updates.
SuSE9 Security Update : unrar (YOU Patch Number 11465)
This update fixes a stack-based buffer overflow in unrar that can be exploited with user-assistance by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
CVE-2009-0855
Cross-site scripting XSS vulnerability in the administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.23 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-0855
creationtimestamp| type| source ---|---|--- 2009-02-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32839...
Gentoo Security Advisory GLSA 200702-04 (rar, unrar)
The remote host is missing updates announced in advisory GLSA 200702-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: zoo
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Red Hat OpenSSH软件包篡改漏洞
BUGTRAQ ID: 30794 Red Hat Linux是全世界应用最广泛的Linux系统之一。 Red Hat公司的一些计算机系统被入侵,有少量的OpenSSH软件包被篡改,这些被篡改的软件包仅用于签名Red Hat Enterprise Linux 4(i386和x8664架构)及Red Hat Enterprise Linux 5(x8664架构)。如果用户受骗从被入侵的Red Hat软件代码库下载并安装了恶意的OpenSSH软件包的话,就可能导致在系统上安装木马。 使用Red Hat Network升级系统的用户不受影响,只有通过非官方Red Hat订阅渠道获得Red...
CVE-2008-0855
CVE-2008-0855 describes an SQL injection in the Facile Forms (com_facileforms) component for Joomla! and Mambo, exploitable via the catid parameter to index.php. The vulnerability, as documented by NVD, has a base score of 7.5 (HIGH) with network attack vector, no authentication, and partial impa...
SuSE 10 Security Update : unrar (ZYPP Patch Number 2997)
This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
openSUSE 10 Security Update : unrar (unrar-2996)
This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
CVE-2007-0855
CVE-2007-0855 describes a stack-based buffer overflow in RARLabs UnRAR (as packaged in WinRAR and possibly other products) that can be exploited by a password-protected archive sent to a user; exploitation context is network-accessible with medium attack complexity, no authentication, and require...
[Full-disclosure] Barracuda ZOO archiver security bug leads to remote compromise
Topic: Barracuda ZOO archiver security bug leads to remote compromise Announced: 2006-04-03 Product: Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Affected product: Barracuda with firmware 3.3.03.022 AND spamdef 3.0.9388 Credits: Jean-Sebastien...
CVE-2006-0855
Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected...
CVE-2006-0855
CVE-2006-0855 affects zoo 2.10 and earlier, where a stack-based buffer overflow in the fullpath function (misc.c) can be triggered by a crafted zoo file, allowing user-assisted remote code execution. Public reports reference Barracuda Spam Firewall usage; Debian DSA-991-1 notes a fix in older woo...
CVE-2005-0855
CVE-2005-0855 affects CoolForum 0.8.1 beta and earlier. The issue allows remote attackers to trigger PHP error messages via direct requests to eight PHP pages (entete.php, profile_accueil.php, profile_mdp.php, profile_notify.php, profile_options.php, profile_perso.php, profile_pm.php, readannonce...
CVE-2003-0855
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service crash via a news post with a long author email address...