474 matches found
CVE-2015-0692
Cisco Web Security Appliance WSA devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via crafted serialized objects, aka Bug ID CSCut39230...
Amazon Linux AMI : libtiff (ALAS-2012-147)
A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially crafted TIFF file that, when opened, could cause an application using libtiff to crash or, possibly, execute arbitrary code with t...
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
This module exploits a code execution flaw in VMware vCenter Chargeback Manager, where the ImageUploadServlet servlet allows unauthenticated file upload. The files are uploaded to the /cbmui/images/ web path, where JSP code execution is allowed. The module has been tested successfully on VMware...
Slackware Advisory SSA:2011-147-01 bind
The remote host is missing an update as announced via advisory SSA:2011-147-01. OpenVAS Vulnerability Test $Id: esoftslkssa201114701.nasl 6581 2017-07-06 13:58:51Z cfischer $ Description: Auto-generated from advisory SSA:2011-147-01 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Mandriva Linux Security Advisory : cups (MDVSA-2011:147)
A vulnerability has been discovered and corrected in cups : The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary...
Juniper Junos J-Web Weak SSL Ciphers (PSN-2011-01-147)
According to its self-reported version number, the remote Junos device contains a J-Web component that supports the use of weak SSL ciphers less than 128-bit. Note: This is considerably easier to exploit if the attacker is on the same physical network. C Tenable Network Security, Inc...
CVE-2010-0595
creationtimestamp| type| source ---|---|--- 2010-05-27 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-10-147-01...
openSUSE Security Update : dnsmasq (dnsmasq-147)
This update of dnsmasq uses random UDP source ports and a random TRXID now. CVE-2008-1447 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dnsmasq-147. The text description of this plugin is C...
Mandrake Security Advisory MDVSA-2009:147 (pidgin)
The remote host is missing an update to pidgin announced via advisory MDVSA-2009:147. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Home Web Server <= r1.7.1 (build 147) Gui Thread-Memory Corruption
Exploit for unknown platform in category dos / poc ================================================================== Home Web Server = r1.7.1 build 147 Gui Thread-Memory Corruption ================================================================== Home Web Server =r1.7.1 build 147 "Gui...
Acoustica MP3 CD Burner 4.51 Build 147 - .asx Local Buffer Overflow
Acoustica MP3 CD Burner 4.51 Build 147 - .asx Local Buffer Overflow !/usr/bin/perl Acoustica MP3 CD Burner asx file Local BOF Exploit Author: Koshi Date: 08-29-08 0day Application: Acoustica MP3 CD Burner Version: 4.51 Build 147 possibly older Site: http://acoustica.com/download.htm Tested On:...
Debian Security Advisory DSA 147-2 (mailman)
The remote host is missing an update to mailman announced via advisory DSA 147-2. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 4.10 / 5.04 : php4, php4-universe fixed packages (USN-147-2)
USN-147-1 1 fixed a remote code execution vulnerability in the XMLRPC module of the PEAR library. Unfortunately the packages announced in USN-147-1 were faulty and shipped broken xmlrpc modules. The updated packages ship correct modules. We apologize for the inconvenience. 1...
USN-147-2: Fixed php4-pear packages for USN-147-1
USN-147-1 1 fixed a remote code execution vulnerability in the XMLRPC module of the PEAR library. Unfortunately the packages announced in USN-147-1 were faulty and shipped broken xmlrpc modules. The updated packages ship correct modules. We apologize for the inconvenience. 1...