520 matches found
CVE-2008-3551
Multiple unspecified vulnerabilities in Sun Java Platform Micro Edition aka Java ME, J2ME, or mobile Java, as distributed in Sun Wireless Toolkit 2.5.2, allow remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no...
Python存在多个缓冲区溢出漏洞
BUGTRAQ ID: 30491 CVE ID:CVE-2008-2315 CVE-2008-2316 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CNCVE ID:CNCVE-20082315 CNCVE-20082316 CNCVE-20083142 CNCVE-20083143 CNCVE-20083144 Python是一款开放源代码的脚本编程语言。 Python中存在多个整数溢出漏洞,远程攻击者可以利用漏洞对应用程序进行拒绝服务或者任意代码执行攻击。 1...
Buffer overflow
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
Integer overflow
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the 1 stringobject, 2 unicodeobject, 3 bufferobject, 4 longobject, 5 tupleobject, 6 stropmodule, 7 gcmodule, and 8 mmapmodule modules. NOTE: The expandtabs...
Integer overflow
Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...
CVE-2008-3143
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to 1 Include/pymem.h; 2 csv.c, 3 struct.c, 4 arraymodule.c, 5 audioop.c, 6 binascii.c, 7 cPickle.c, 8 cStringIO.c, 9 cjkcodecs/multibytecodec.c, 10...
PSF-2008-5 Multiple integer overflows (Apple)
Integer overflow in hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."...
PSF-2008-6 Multiple integer overflows (Apple)
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
Python stringobject.c多个远程溢出漏洞
BUGTRAQ ID: 28749 Python是一种开放源代码的脚本编程语言。 Python的核心API提供了多个用于分配字符串对象的函数,其中一个API调用允许分配或重新分配PyStringObject,这个函数为PyStringFromStringAndSize,该函数获取了两个参数,分别为一个指针和一个有符整数。如果指针非空的话,就会将指向该指针的内存重新分配为第二个参数所指定的大小;如果指针为空,就会分配整数所指定的字节数并返回。 在这个操作期间,没有验证第二个参数是否为负数,而该值与PyStringObject的大小相加并用作了分配函数的长度,可能导致错误的内存分配。...
IOActive Security Advisory: Incorrect input validation in PyString_FromStringAndSize() leads to multiple buffer overflows
Title: Incorrect input validation in PyStringFromStringAndSize leads to multiple buffer overflows Date Discoverd: ??-April-2008 Date Reported: 08-April-2008 Date Patched: 09-April-2008 Date Disclosed: 11-April-2008 Criticality: High Affected Products ----------------- Python 2.5.2, earlier and...
Python zlib Module - Remote Buffer Overflow
Python zlib Module - Remote Buffer Overflow source: https://www.securityfocus.com/bid/28715/info Python zlib module is prone to a remote buffer-overflow vulnerability because the library fails to properly sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary code wi...
Python zlib Module - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/28715/info Python zlib module is prone to a remote buffer-overflow vulnerability because the library fails to properly sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an...
Debian: Security Advisory (DSA-1405-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware ESX多个信息泄露漏洞
VMWare ESX Server是一款虚拟主机的服务程序。 VMWare ESX Server存在多个安全问题,远程攻击者可以利用漏洞获得敏感信息。 VMWare ESX Server包含的管理接口是传统的WEB应用程序,使用的会话ID包含在两个COOKIE中(vmware.mui.kid和vmware.mui.sid),这会话ID格式包含BASE64编码的用户帐户和密码,如果攻击者可以通过其他机制访问COOKIE,就可以获得验证信息。 另外管理接口还提供更改密码的功能,通过HTML表单,用户需要输入和确定新的密码,如更改ROOT用户的密码为"test",就需要如下请求:...
CVE-2005-4702
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition,...
All Enthusiast ReviewPost PHP Pro < 2.5.2 Multiple Input Validation Vulnerabilities
Binary data 2486.prm...
rsync < 2.5.2 Signedness Error Array Overflow
Binary data 1897.prm...
CVE-2002-1033
CVE-2002-1033 : Affected product is SunPS iRunbook 2.5.2, vulnerable in the none.php component. The issue is a directory traversal flaw triggered by a using a "..:" sequence in the argument, allowing remote attackers to read arbitrary files. The vulnerability is documented with a Medium impact (p...
Security Advisory: Cisco VPN3000 Concentrator IP Options Vulnerabil
-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: VPN 3000 Concentrator IP Options Vulnerability ============================================================================= Revision 1.0 For Public Release 2001 April 12 at 1500 UTC...