Code injection

The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuard delta HW before HW-103060 and BD before BD-211010, mGuard PCI, mGuard blade, and EAGLE mGuard appliances with software before 7.5.0 do not use a sufficient source of entropy for private keys, whi...

CVE-2012-3006

The CVE-2012-3006 entry concerns Innominate mGuard devices (Smart HW before HW-101130, BD before BD-101030, Industrial RS, Delta HW before HW-103060, BD before BD-211010, PCI, Blade, EAGLE) running software before 7.5.0. The root cause is insufficient entropy when generating private keys for HTTP...

ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability

ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-315 October 27, 2011 -- CVE ID: CVE-2011-3249 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...

Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

Oracle, other companies hacked by Social Engineering attack in #DefCon 19

Oracle, other companies hacked by Social Engineering attack in DefCon 19 A weekend contest from 4th August to 7th August , at the world's largest hacking convention in Las Vegas showed one reason why big corporations seem to be such easy prey for cyber criminals : their workers are poorly trained...

Seccubus v1.5.3 - latest version download

"Tool to automatically fire regular security scans with Nessus. Compare results of the current scan with the previous scan and report on the delta in a web interface. Main objective of the tool is to make repeated scans more efficient." This is mostly a bugfix release. Download Seccubus v1.5.3...

ALPINE-CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

Heap overflow

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

PT-2010-5116 · Concurrent Versions System +1 · Cvs +1

Name of the Vulnerable Software and Affected Versions: CVS version 1.11.23 Description: The issue is related to an array index error in the apply rcs change function, located in the rcs.c file. This error can be exploited by local users to gain privileges through a specially crafted RCS file that...

Apache Subversion < 1.6.4 'libsvn_delta' Library Binary Delta svndiff Stream Parsing Multiple Overflows

The installed version of Subversion Client or Server is affected by multiple heap overflow issues. Specifically, the 'libsvndelta' library fails to perform sufficient boundary checks before processing certain svndiff streams. An attacker with commit access to a vulnerable Subversion server can...

ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability

ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-025 June 2, 2009 -- CVE ID: CVE-2009-0951 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...

Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must either open a malicious file, or visit a malicious web page. The specific flaw exists during...

VMSA-2009-0003:ESX 2.5.5 patch 12 updates service console packag ed

VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console packag ed VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0003 VMware Security Advisory Synopsis: ESX 2.5.5 patch 12 updates service console packag ed VMware Security Advisory Issue date: 2009-01-26 VMware Security...

Security feature bypass

Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service host crash via a snapshot with a malformed VMDK delta disk...

CVE-2008-4914

Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service host crash via a snapshot with a malformed VMDK delta disk...

ESX patches address an issue loading corrupt virtual disks and update Service Console packages

a. Loading a corrupt delta disk may cause ESX to crashIf the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be us...