48 matches found
CVE-2015-8366
CVE-2015-8366 : In LibRaw, an array index error in the smal_decode_segment function prior to 0.17.1 can enable context-dependent attackers to trigger memory errors and possibly execute arbitrary code via index-related vectors. Several connected sources confirm the issue is tied to LibRaw before 0...
CVE-2015-8366
Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...
CVE-2015-8366
Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...
CVE-2015-8366
Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...
Phoenix Contact WebVisit 6.40.00 - Password Disclosure Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Phoenix Contact WebVisit 6.40.00 - Password Disclosure Exploit Author: Deneut Tijl Vendor Homepage: www.phoenixcontact.com Software Link:...
CVE-2018-8366
CVE-2018-8366 is an information disclosure vulnerability in Microsoft Edge tied to the Fetch API mis-handling a filtered response type. Root cause: Edge Fetch API incorrectly handles certain filtered response types, enabling an attacker to read the URL of a cross-origin request. Affected product/...
CVE-2016-8366
CVE-2016-8366 affects Phoenix Contact ILC PLCs with WebVisit. The vulnerability arises from a password macro where credentials can be stored and transferred in clear text, enabling potential exposure of user passwords via the HMI protection mechanism. Connected documents confirm the issue is tied...
Fedora 24 : ettercap (2017-36c7e7ef06)
FIx for CVE-2017-8366 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...
Fedora 25 : ettercap (2017-8722576148)
FIx for CVE-2017-8366 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...
MGASA-2017-0173 Updated ettercap packages fix security vulnerability
The strescape function in ecstrings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter CVE-2017-8366...
Debian DSA-3874-1 : ettercap - security update
Agostino Sarubbo and AromalUllas discovered that ettercap, a network security tool for traffic interception, contains vulnerabilities that allowed an attacker able to provide maliciously crafted filters to cause a denial-of-service via application crash. %NASLMINLEVEL 70300 C Tenable Network...
[SECURITY] [DSA 3874-1] ettercap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3874-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 09, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3874-1] ettercap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3874-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 09, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3874-1 (ettercap - security update)
Agostino Sarubbo and AromalUllas discovered that ettercap, a network security tool for traffic interception, contains vulnerabilities that allowed an attacker able to provide maliciously crafted filters to cause a denial-of-service via application crash. OpenVAS Vulnerability Test $Id: deb3874.na...
CVE-2017-8366
The strescape function in ecstrings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter...
CVE-2017-8366
CVE-2017-8366 affects Ettercap (0.8.2 and earlier) via the strescape function in ec_strings.c in the Etterfilter utility. A crafted filter mishandled by etterfilter can cause a heap-based buffer overflow, leading to application crash or possible arbitrary code execution. Multiple advisories (Arch...
GLSA-201701-60 : LibRaw: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-60 LibRaw: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LibRaw. Please review the CVE identifiers referenced below for details. Impact : An attacker could execute arbitrary code, cause a Denial ...
Phoenix Contact ILC PLC Authentication Vulnerabilities
OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...
Fedora 22 : LibRaw-0.16.2-3.fc22 (2015-a288773b9a)
Patch for CVE-2015-8366, CVE-2015-8367 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 23 : LibRaw-0.16.2-3.fc23 (2015-d2fc332108)
Patch for CVE-2015-8366, CVE-2015-8367 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...