Code injection

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

CVE-2017-5846

CVE-2017-5846 affects GStreamer gst-plugins-ugly before 1.10.3, where gst_asf_demux_process_ext_stream_props in gst/asfdemux/gstasfdemux.c can trigger an invalid memory read and crash when processing video files with a certain number of languages. Impact described as denial of service; remote att...

CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

asf-fr.org XSS vulnerability

Vulnerable URL: http://www.asf-fr.org/search?term=%3Cimg%20src%3Dx%20onerror%3Dprompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1732556 VIP website...

Apache Httpd < 2.2.32 : HTTP_PROXY environment variable "httpoxy" mitigation

HTTPPROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTPPROXY" variable from a "Proxy:" header, which h...

ASF-Abfallmanager - Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application ASF-Abfallmanager published at the 'play' market has multiple vulnerabilities...

The vulnerability of the FFmpeg multimedia library, which allows a intruder to trigger a service failure or cause other effects

The vulnerability of the asfwritepacket function libavformat/asfenc.c in the FFmpeg multimedia library is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure, or possibly have other effects using a specially crafted PTS value contained in...

FFmpeg 'asf_write_packet' function integer overflow vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An integer overflow vulnerability in the 'asfwritepacket' function in the libavformat/asfenc.c file of FFmpeg allows remote attackers to build special .mov files to crash the application...

DEBIAN-CVE-2016-2326

Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...

UBUNTU-CVE-2016-2326

Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...

Dell iDRAC IPMI 1.5 Insufficient Session ID Randomness

""" For testing purposes only. c Yong Chuan, Koh 2014 """ from time import sleep from socket import from struct import from random import import sys, os, argparse HOST = None PORT = 623 bufsize = 1024 recv = "" create socket UDPsock = socketAFINET,SOCKDGRAM UDPsock.settimeout2 data = 21 offset of...

VLC Media Player Multiple Vulnerabilities-03 (Jan 2015) - Linux

VLC media player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:videolan:vlcmediaplayer";...

VLC Media Player Multiple Vulnerabilities-03 (Jan 2015) - Mac OS X

VLC media player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:videolan:vlcmediaplayer";...

CVE-2011-3623

Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via 1 a crafted ASF file, related to the ASFObjectDumpDebug function in modules/demux/asf/libasf.c; 2 a crafted AVI file, related to the AVIChunkDumpDebuglevel function...

CVE-2010-1442

VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly execute arbitrary code via a crafted byte stream to the 1 AVI, 2 ASF, or 3 Matroska aka MKV demuxer...

CVE-2011-3623

Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via 1 a crafted ASF file, related to the ASFObjectDumpDebug function in modules/demux/asf/libasf.c; 2 a crafted AVI file, related to the AVIChunkDumpDebuglevel function...