Discuz attachment download permission bypass method-vulnerability warning-the black bar safety net

Ultra vires download contain a“Read permissions”plug-in, download plug-in free snap coin To reproduce the steps of: 1, Using the administrator account, Upload a high reading permissions of the attachment 2, The use of low-privileged user account, download the attachment, this time, Discuz will...

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

(gif2tiff): GIF LZW decoder missing datasize value check

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service out-of-bounds write via a crafted 1 extension block in a GIF image or 2 GIF raster image to tools/gif2tiff.c or 3 a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are...

libpng拒绝服务漏洞

Bugtraq ID:65776 CVE ID:CVE-2014-0333 libpng是一款多种应用程序所使用的解析PNG图形格式的函数库。 libpng16中的渐进式解码器在处理零长度IDAT块时存在安全漏洞，允许攻击者利用漏洞构建恶意文件，诱使用户解析，可使应用程序挂起。 0 libpng 1.6.0 -1.6.9 厂商补丁： libpng ----- 用户可参考如下厂商提供的安全补丁以修复该漏洞： https://sourceforge.net/projects/libpng/files/libpng16/patch-libpng16-vu684412.diff...

EasyTalk Sql Injection 1-5

简要描述： 过滤不严。 详细说明： 注入1： 在topicaction.class.php中 public function topic $keyword=$this-get'keyword','urldecode';//无过滤 且解码 if $keyword $topic = D'Topic'-where"topicname='$keyword'"-find; if $topic $isfollow=D'Mytopic'-isfollow$topic'id',$this-my'userid';...

DEBIAN-CVE-2014-0045

The needSamples method in AudioOutputSpeech.cpp in the client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots, Mumble for iOS 1.1 through 1.2.2, and MumbleKit before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d does not check the return value of the opusdecodefloat function, which allows...

Firefox < 27.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 27.0 and is, therefore, potentially affected by multiple vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477, CVE-2014-1478 - An error exists related to...

Mozilla Thunderbird < 24.3 Multiple Vulnerabilities

Binary data 8100.prm...

SeaMonkey < 2.24 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.24 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477, CVE-2014-1478 - An error exists relat...

Firefox ESR 24.x < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to...

Firefox < 27.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 27.0 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477, CVE-2014-1478 - An error exists related...

Thunderbird < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to System...

OpenJDK: XXE issue in decoder (Beans, 8023245)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

PNG Image Metadata Found Leveraging iFrame Injections

Researchers have discovered a relatively new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. The technique makes it highly unlikely a virus scanner would catch it because the injection method is so deeply...

Incorrect use of discarded images by RasterImage — Mozilla

Fredrik 'Flonka' Lönnqvist discovered an issue with image decoding in RasterImage caused by continued use of discarded images. This could allow for the writing to unowned memory and a potentially exploitable crash...

OpenJDK: XXE issue in decoder (Beans, 8023245)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

OpenJDK: XXE issue in decoder (Beans, 8023245)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

DEBIAN-CVE-2011-3944

The smackerdecodeheadertree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data...

bugs in IJG jpeg6b &amp; libjpeg-turbo

Dearly beloved, So, for one reason or another, the IJG jpeg library has gained some notoriety as one of the most robust pieces of complex, security-critical C code. Despite countless fuzzing efforts, I don't recall any reports of serious vulnerabilities at least since the release of jpeg6b in 199...

CVE-2013-0875

The ffaddpngpaethprediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access...