Microsoft HTML Help <= 6.1 Stack Overflow

No description provided by source. Source: http://aluigi.org/adv/chm1-adv.txt Luigi Auriemma Application: Microsoft HTML Help http://www.microsoft.com Versions: = 6.1 Platforms: Windows any version included the latest Windows 7 Bug: stack overflow Date: 12 Apr 2011 found 20 Feb 2011 Author: Luigi...

wu-ftpd 2.4.2/2.5 .0/2.6 .0/2.6.1/2.6.2 - FTP Conversion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2240/info Some FTP servers provide a conversion service that pipes a requested file through a program, for example a decompression utility such as tar, before it is passed to the remote user. Under some configurations whe...

Zlib 1.1.4 Compression Library gzprintf() Buffer Overrun Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun...

Dart ZipLite Compression 1.8.5.3 DartZipLite.DLL ActiveX Control Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24099/info The Dart ZipLite Compression ActiveX control is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer...

Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities

No description provided by source. Title: ====== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Date: ===== 2013-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1009 VL-ID: ===== 1009 Common Vulnerability Scoring System:...

Man Utility 2.3.19 Local Compression Program Privilege Elevation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8675/info A vulnerability has been reported in man that may allow an attacker to gain elevated privileges. The problem lies in man failing to carry out sufficient sanity checks before executing a user-defined compression...

RARLAB WinRAR 3.x LHA Filename Handling Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19043/info WinRAR is susceptible to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This vulnerability allow...

20-Year Old Vulnerability Patched in Compression Algorithm

A 20-year old vulnerability in the Lempel-Ziv-Oberhumer LZO compression algorithm – used in some Android phones, the Linux kernel, and even Mars Rovers – was finally patched this week. Code stemming from the algorithm’s library function has existed in the wild for two decades, but was recycled ov...

20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

A 20 year old critical subtle integer overflow vulnerability has been discovered in Lempel-Ziv-Oberhumer LZO, an extremely efficient data compression algorithm that focuses on decompression speed, which is almost five times faster than zlib and bzip compression algorithms. Lempel-Ziv-Oberhumer LZ...

mencoder -- potential buffer overrun when processing malicious lzo compressed input

Michael Niedermayer and Luca Barbato report in upstream ffmpeg: avutil/lzo: Fix integer overflow...

Uzbey: Breach Attack Vulnerability

Breach Attack Vulnerability Respected Sir/Madam I Hope Your Cooperate With Me Cause It's Not Easy To Find Vulnerability On Your Official Website. Vulnerability description This web application is potentially vulnerable to the BREACH attack.An attacker with the ability to: Inject partial chosen...

openssl security update

Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...

openssl security update

Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...

DLA-0008-1 openssl - security update

Bulletin has no description...

openSUSE Security Update : openssl (openSUSE-SU-2013:1630-1)

This update disables compression in openssl by default, as the varying sizes resulting from compression can be used to retrieve plaintext in various cases. CRIME attack CVE-2012-4929. This update introduces a environment variable OPENSSLNODEFAULTZLIB which can be set to 'no' to reenable compressi...

openSUSE Security Update : libqt4 (openSUSE-SU-2013:0157-1)

libqt4 received security fixes for : - XMLHttpRequest could redirect to a file: URL CVE-2012-5624, bnc793194 - Disable SSL compression by default to mitigate CRIME attack CVE-2012-4929 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE Security Update : samba (openSUSE-SU-2013:1921-1)

" - Update to 4.1.3. + DCE-RPC fragment length field is incorrectly checked; CVE-2013-4408; bnc844720. + pamwinbind login without requiremembershipof restrictions; CVE-2012-6150; bnc853347. - Make use of the full gpg pub key file name including the key ID. - Add transparent file compression...

openSUSE Security Update : libvorbis (openSUSE-2012-141)

Specially crafted ogg files could cause a heap-based buffer overflow in the vorbis audio compression library that could potentially be exploited by attackers to cause a crash or execute arbitrary code %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

Facebook CSRF Tokens in Heavy Rotation to Ward off BREACH

The BREACH attack was the talk of Black Hat last summer. It was disclosed less than two months after the first Snowden leaks and helped renew focus on the security of online communication and the protocols guarding ecommerce and messaging. What BREACH did was throw a wrench into cross-site reques...

Answers is vulnerable to BREACH (SSL/HTTP gzip) attack

This is an external report, and not a high priority - certainly much lower impact than ANSWERS-648. This issue was reported by Nakul Mohan , 11 May - the email is too long to reproduce here. An attacker with the ability to: Inject partial chosen plaintext into a victim's requests Measure the size...