3659 matches found
Design/Logic Flaw
The Installer in Apple Safari before 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method...
CVE-2009-2027
The Installer in Apple Safari before 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method...
Heap overflow
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file...
CVE-2009-0951
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file...
QuickTime < 7.6.2 Multiple Vulnerabilities (Windows)
The version of QuickTime installed on the remote Windows host is older than 7.6.2. Such versions contain several vulnerabilities: - An integer underflow in QuickTime's handling of PICT images may result in a heap-based buffer overflow and, in turn, to an application crash or arbitrary code...
Mandriva Linux Security Advisory : apache (MDVSA-2009:124-1)
Multiple vulnerabilities have been found and corrected in apache: Memory leak in the zlibstatefulinit function in crypto/comp/czlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial S...
httpd: mod_ssl per-connection memory leak for connections with zlib compression
Memory leak in the zlibstatefulinit function in crypto/comp/czlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify...
PDF JBIG2 MMR infinite loop DoS
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file...
MDVA-2008:134 : rpm
This package update adds support for LZMA compression in rpm. This will allow users of Mandriva Linux 2007.1 to upgrade to the Mandriva Linux 2009.0 release. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...
Mandriva Update for xman MDKA-2007:117 (xman)
Check for the Version of xman OpenVAS Vulnerability Test Mandriva Update for xman MDKA-2007:117 xman Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Mandriva Update for rpm MDVA-2008:134 (rpm)
Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVA-2008:134 rpm Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for libtiff MDVSA-2008:184 (libtiff)
Check for the Version of libtiff OpenVAS Vulnerability Test Mandriva Update for libtiff MDVSA-2008:184 libtiff Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Ubuntu Update for tiff vulnerability USN-639-1
Ubuntu Update for Linux kernel vulnerabilities USN-639-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6391.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for tiff vulnerability USN-639-1 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
BS.Player <= 2.34 Build 980 (.bsl) Local Buffer Overflow Exploit (SEH)
Exploit for unknown platform in category local exploits. BS.Player <= 2.34 Build 980 .bsl Local Buffer Overflow Exploit SEH <?php /* Bs.Player <= 2.34 Build 980...
BS.Player 2.34 Build 980 - .bsl Local Buffer Overflow (SEH)
BS.Player 2.34 Build 980 - .bsl Local Buffer Overflow SEH <?php /* Bs.Player <= 2.34 Build 980 .bsl local buffer overflow 0day exploit seh by Nine:Situations:Group::pyrokinesis Overlong hostnames in bsplayer playlist files cause eax and seh handlers to be overwritten. Cannot reliably debug with oll...
BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)
<?php /* Bs.Player <= 2.34 Build 980 .bsl local buffer overflow 0day exploit seh by Nine:Situations:Group::pyrokinesis Overlong hostnames in bsplayer playlist files cause eax and seh handlers to be overwritten. Cannot reliably debug with olly because of code compression, just used...
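djbdns Overlong Response Packet Remote Cache Poisoning Vulnerability
BUGTRAQ ID: 33937 djbdns is a lightweight DNS server designed by the author of Qmail. The response.c file in djbdns handles name compression. Line 12 of that file annotates the nameptr array with "each 16384", but responseaddname does not enforce this limit. If a user encodes into the packet a name whose first suffix is at greater than or equal to 16384 bytes, responseaddname incorrectly encodes the offset to the name and produces a malformed response packet. Such a response packet gives misleading information to the querying user and helps an attacker carry out man-in-the-middle and other network spoofing attacks. D. J. Bernstein djbdns 1.05 Vendor patch: D. J. Bernste...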
RedHat Update for libtiff RHSA-2008:0848-01
Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2008:0848-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...