CVE-2017-12892

Foxit PDF Compressor installers (versions 7.0.0.183 through 7.7.2.10) are affected by a DLL preloading vulnerability. The issue arises because the installer can load a malicious DLL located in its current working directory, enabling potential code execution during installation. CVE-2017-12892 is ...

What are Javascript Source Maps?

Its generally a good practice to minify and combine your assets Javascript & CSS when deploying to production. This process reduces the size of your assets and dramatically improves your websites load time. Source maps create a map from these compressed asset files back to the source files. This...

[SECURITY] Fedora 25 Update: bzip2-1.0.6-21.fc25

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

Multi Manage File Compressor

This module zips a file or a directory. On Linux, it uses the zip command. On Windows, it will try to use remote target's 7Zip if found. If not, it falls back to its Windows Scripting Host. This module requires Metasploit: https://metasploit.com/download Current source:...

[SECURITY] Fedora 21 Update: arc-5.21p-5.fc21

Arc file archiver and compressor. Long since superseded by zip/unzip but useful if you have old .arc files you need to unpack...

ARRIS DG860A - NVRAM Backup Password Disclosure

ARRIS DG860A - NVRAM Backup Password Disclosure ! /usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain text...

ARRIS DG860A NVRAM Backup Compressor / Decompressor

! /usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain text. box:arris-dev cosmo$ wget http://192.168.0.1/router.da...

CVE-2012-2098

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...

Nmap NSE net: ssl-enum-ciphers

This script repeatedly initiates SSL/TLS connections, each time trying a new cipher or compressor while recording whether a host accepts or rejects it. The end result is a list of all the ciphers and compressors that a server accepts. SSLv3/TLSv1 requires more effort to determine which ciphers an...

[SECURITY] Fedora 12 Update: bzip2-1.0.6-1.fc12

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

[SECURITY] Fedora 14 Update: bzip2-1.0.6-1.fc14

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

[SECURITY] Fedora 13 Update: bzip2-1.0.6-1.fc13

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

bzip2 security update

CentOS Errata and Security Advisory CESA-2010:0703 Updated bzip2 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVS...

USN-986-1: bzip2 vulnerability

An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program...

ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability

ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-042 April 2, 2010 -- CVE ID: CVE-2010-0528 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...

Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...

DEBIAN-CVE-2009-1720

Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to 1 the Imf::PreviewImage::PreviewImage function and...

CVE-2009-1720

Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to 1 the Imf::PreviewImage::PreviewImage function and...

[SECURITY] Fedora 7 Update: bzip2-1.0.4-11.fc7

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

[SECURITY] Fedora 8 Update: bzip2-1.0.4-13.fc8

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...