208 matches found
Integer overflow
When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be...
The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.
A vulnerability exists in the SnifferDecompress function in the wireshark/Wireshark DOS Sniffer processing tool, due to the possibility of data overwriting during copying. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of the...
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...
Code injection
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...
srm - command-line program to delete files securely
srm is a secure replacement for rm1. Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it's unlikely tha...
CVE-2014-6432
Wireshark vulnerable component: Sniffer file parser (wiretap/ngsniffer.c). CVE-2014-6432 is caused by the SnifferDecompress function not preventing data overwrites during copy operations, enabling DoS (application crash) via a crafted file. Affected versions: Wireshark 1.10.x before 1.10.10 and 1...
CVE-2014-6432
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service application crash via a crafted file...
Authorization
The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service data overwrite or disk consumption via...
CVE-2013-6714
The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service data overwrite or disk consumption via...
CVE-2013-6714
The CVE-2013-6714 issue affects IBM Tivoli Storage FlashCopy Manager for VMware (FlashCopy Manager for VMware) 3.1, 3.2 and 4.1, where the GUI does not properly enforce authorization for backup/restore operations. This can allow local users to access VM data or perform restores that overwrite pro...
[SECURITY] Fedora 19 Update: srm-1.2.13-1.fc19
srm is a secure replacement for rm1. Unlike the standard rm, it overwrites the data in the target files before unlinkg them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it's unlikely that...
Mandriva Linux Security Advisory : cups-pk-helper (MDVSA-2013:069)
Updated cups-pk-helper package fixes security vulnerability : cups-pk-helper, a PolicyKit helper to configure CUPS with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a CUPS resource, or overwriting specific files with the...
Malformed GIF images could allow execution of arbitrary code
When loading GIF images into memory, Opera should allocate the correct amount of memory to store that image. Specially crafted image files can cause Opera to allocate the wrong amount of memory. Subsequent data may then overwrite unrelated memory with attacker-controlled data. This can lead to a...
RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass
The version of MySQL Enterprise Server 5.0 installed on the remote host is earlier than 5.0.70. In such versions, it is possible for a local user to circumvent privileges through the creation of MyISAM tables employing the 'DATA DIRECTORY' and 'INDEX DIRECTORY' options to overwrite existing table...
ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities
Binary data 4399.prm...
security flaw
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...
Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)
Microsoft Excel - Malformed Palette Record Denial of Service PoC MS07-002 """ MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC Author LifeAsaGeek at gmail.com ... and Microsoft said that vuln credit is for Greg MacManus of iDefense Labs Vulnerablity Description Bound error occurs whe...