1486 matches found
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
GLSA-200501-28 : Xpdf, GPdf: Stack overflow in Decrypt::makeFileKey2
The remote host is affected by the vulnerability described in GLSA-200501-28 Xpdf, GPdf: Stack overflow in Decrypt::makeFileKey2 iDEFENSE reports that the Decrypt::makeFileKey2 function in Xpdf's Decrypt.cc insufficiently checks boundaries when processing /Encrypt /Length tags in PDF files. Impac...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
security flaw
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
KDE KOffice buffer overflow
Buffer overflow in Decrypt::makeFileKey2 function...
Xpdf, GPdf: Stack overflow in Decrypt::makeFileKey2
Background Xpdf is an open source viewer for Portable Document Format PDF files. GPdf is a Gnome-based PDF viewer that includes some Xpdf code. Description iDEFENSE reports that the Decrypt::makeFileKey2 function in Xpdf's Decrypt.cc insufficiently checks boundaries when processing /Encrypt /Leng...
CVE-2005-0064
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value...
CVE-2005-0064
CVE-2005-0064 is a buffer overflow in Xpdf’s Decrypt::makeFileKey2 (Decrypt.cc) that affected Xpdf 3.00 and earlier, enabling remote code execution via PDFs with a large /Encrypt /Length. Connected GLSA entries confirm Xpdf (and GPdf) include code sharing Xpdf, and note the issue could impact CUP...
CA Unicenter Password Recovery Tool
List, The following can also be found at: http://www.kufumo.com/releases/ca-passwordrecover.txt Thanks, Tor Houghton ; $Id: ca-passwordrecover.txt,v 1.3 2003/05/20 10:46:51 torh Exp $ Computer Associates "Asset Manager" Password Recovery Tool c 2003 Tor Houghton th at kufumo dot com ++Synopsis++...
PT-2002-2406 · Newsreactor · Newsreactor
Name of the Vulnerable Software and Affected Versions: NewsReactor version 1.0 Description: The issue is related to a weak encryption scheme used by the software, which could allow local users to decrypt passwords and gain access to other users' newsgroup accounts. Recommendations: For NewsReacto...
PT-2002-2419 · Pgp +1 · Pgp +1
Name of the Vulnerable Software and Affected Versions: Microsoft Outlook plug-in PGP versions 7.0, 7.0.3, and 7.0.4 Description: The issue arises when the "Automatically decrypt/verify when opening messages" option is checked and the "Always use Secure Viewer when decrypting" option is not checke...
CVE-2002-0706
UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function...
CVE-1999-1049
ARCserve NT agents authenticate using a weak XOR scheme for passwords. The vulnerability allows remote attackers to sniff the authentication request sent to port 6050 and decrypt the password, leading to potential unauthorized access and confidentiality/ integrity impact as described in the CVE e...
CVE-2001-0618
Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy WEP encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic...
CVE-2001-0160
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector IV values for the Wireless Encryption Protocol WEP which allows remote attackers to quickly compile information that will let them decrypt messages...
CVE-2000-1008
PalmOS 3.5.2 and earlier uses weak encryption to store the user password, allowing attackers with physical access to decrypt the password and gain access to the device. The vulnerability affects the password storage mechanism and is exploitable only with local access; no exploit details or mitiga...