7970 matches found
CVE-2004-0694
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any case...
CVE-2004-0694
CVE-2004-0694 records a buffer overflow in LHA 1.14 and earlier. Related documents specify that the overflow occurs in the extract_one function (related to shell/command line handling), potentially enabling remote code execution. Affected: LHA
[SECURITY] Fedora 14 Update: wireshark-1.4.3-1.fc14
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
JVN#30414126: Ruby Version Manager escape sequence injection vulnerability
Ruby Version Manager is a command line tool for managing multiple ruby environments. Ruby Version Manager contains an escape sequence injection vulnerability. Impact: A user may unknowingly open a malicious file. As a result, the string that is output on the terminal may contain an arbitrary escap...
Design/Logic Flaw
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories...
UBUNTU-CVE-2010-4695
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories...
CVE-2009-5018
Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png...
CVE-2010-4695
Removed by vendor...
Stack overflow
Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png...
CVE-2010-4695
The CVE-2010-4695 issue affects gif2png in versions 2.5.1 and 2.5.2 as distributed in Fedora 12 and Debian packaging. A patch for CVE-2009-5018 truncates the GIF pathname on the command line, which could allow a remote attacker to cause gif2png to create PNG files in unintended directories, demon...
[SECURITY] Fedora 13 Update: pcsc-lite-1.5.5-5.fc13
The purpose of PC/SC Lite is to provide a Windows(R) SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under Windows(R). This package includes the PC/SC Lite daemon, a resource manager that coordinates communications...
[SECURITY] Fedora 14 Update: pcsc-lite-1.6.4-3.fc14
The purpose of PC/SC Lite is to provide a Windows(R) SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under Windows(R). This package includes the PC/SC Lite daemon, a resource manager that coordinates communications...
Mathematica8 on Linux /tmp/MathLink vulnerability
The problem that was reported as below for Mathematica7, is present also/still in the "free trial" version of Mathematica8. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia --- I wrote on 14 May 2010:...
gif2png: User-assisted execution of arbitrary code
Background: gif2png is a command line program that converts image files from the Graphics Interchange Format (GIF) format to the Portable Network Graphics (PNG) format. Description: gif2png contains a command line parsing vulnerability that may result in a stack overflow due to an unexpectedly long inp...
Redmine SCM Repository Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in the Redmine repository controller. The flaw is triggered when a rev parameter is passed to the command line of the SCM tool without adequate filtering. This module requires Metasploit: https://metasploit.com/download Current...
[SECURITY] Fedora 14 Update: ImageMagick-6.6.4.1-15.fc14
ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...
Fedora Update for libHX FEDORA-2010-12950
Check for the Version of libHX. OpenVAS Vulnerability Test: Fedora Update for libHX FEDORA-2010-12950. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 2340)
Oracle has released JRE 6 Update 20 in order to fix potential remote code execution vulnerabilities CVE-2010-0887. Please refer to Oracle's site for more information: http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html (C) Tenable Network Security,...