1030 matches found
DEBIAN-CVE-2009-2463
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash)...
openSUSE Security Update : glib2 (glib2-815)
Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-4316). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
GLSA-200907-09 : Cyrus-SASL: Execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200907-09 (Cyrus-SASL: Execution of arbitrary code). James Ralston reported that in certain situations, Cyrus-SASL does not properly terminate strings, which can result in buffer overflows when performing Base64 encoding. Impact: A...
Cyrus-SASL: Execution of arbitrary code
Background: Cyrus-SASL is an implementation of the Simple Authentication and Security Layer. Description: James Ralston reported that in certain situations, Cyrus-SASL does not properly terminate strings, which can result in buffer overflows when performing Base64 encoding. Impact: A remote...
USN-790-1: Cyrus SASL vulnerability
James Ralston discovered that the Cyrus SASL base64 encoding function could be used unsafely. If a remote attacker sent a specially crafted request to a service that used SASL, it could lead to a loss of privacy, or crash the application, resulting in a denial of service...
CVE-2009-1731
The provided documents contain concrete details for CVE-2009-1731: MLFFAT 2.1 is affected, specifically the panel/index.php component. The vulnerability is an SQL injection caused by processing a base64-encoded supervisor cookie, enabling remote attackers to execute arbitrary SQL commands. Impact...
openSUSE 10 Security Update : glib2 (glib2-6209)
Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-4316). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Mandriva Linux Security Advisory : libsoup (MDVSA-2009:081)
An integer overflow in the libsoup Base64 encoding and decoding functions enables attackers either to cause a denial of service or to execute arbitrary code (CVE-2009-0585). This update provides the fix for that security issue. (C) Tenable Network Security, Inc. The descriptive text an...
Ubuntu 6.06 LTS / 7.10 : libsoup vulnerability (USN-737-1)
It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the precedi...
Mandriva Linux Security Advisory : glib2.0 (MDVSA-2009:080)
Multiple integer overflows in GLib's Base64 encoding and decoding functions enable attackers (possibly remote ones, depending on the applications glib2 is linked against, mostly GNOME ones) either to cause a denial of service or to execute arbitrary code via untrusted input (CVE-2008-4316)...
Mandrake Security Advisory MDVSA-2009:081 (libsoup)
The remote host is missing an update to libsoup announced via advisory MDVSA-2009:081. OpenVAS Vulnerability Test. $Id: mdksa2009081.nasl 6573 2017-07-06 13:10:50Z cfischer $. Description: Auto-generated from advisory MDVSA-2009:081 (libsoup). Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft...
Mandrake Security Advisory MDVSA-2009:085 (gstreamer0.10-plugins-base)
The remote host is missing an update to gstreamer0.10-plugins-base announced via advisory MDVSA-2009:085. OpenVAS Vulnerability Test. $Id: mdksa2009085.nasl 6573 2017-07-06 13:10:50Z cfischer $. Description: Auto-generated from advisory MDVSA-2009:085 (gstreamer0.10-plugins-base). Authors: Thomas Rein...
Mandrake Security Advisory MDVSA-2009:080 (glib2.0)
The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. OpenVAS Vulnerability Test. $Id: mdksa2009080.nasl 6573 2017-07-06 13:10:50Z cfischer $. Description: Auto-generated from advisory MDVSA-2009:080 (glib2.0). Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft...
Mandrake Security Advisory MDVSA-2009:080 (glib2.0)
The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:080. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:081 (libsoup)
The remote host is missing an update to libsoup announced via advisory MDVSA-2009:081. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Debian: Security Advisory (DSA-1747-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DSA-1748-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Mandrake Security Advisory MDVSA-2009:078 (evolution-data-server)
The remote host is missing an update to evolution-data-server announced via advisory MDVSA-2009:078. OpenVAS Vulnerability Test. $Id: mdksa2009078.nasl 6573 2017-07-06 13:10:50Z cfischer $. Description: Auto-generated from advisory MDVSA-2009:078 (evolution-data-server). Authors: Thomas Reinke...
PhotoStand 1.2.0 - Remote Command Execution
#!/usr/bin/perl. App: PhotoStand 1.2.0. Site: http://www.photostand.org. Remote Command Execution Exploit. Credits to: Giovanni Buzzin, "Osirys" osirys[at]autistici[dot]org. Greets: drosophila, emgent, Fireshot. PhotoStand is a used Image Gallery CMS. PhotoStand is vulnerable to SQL Injection, AUTH BYPAS...