91 matches found
DEBIAN-CVE-2018-10963
The TIFFWriteDirectorySec function in tifdirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service assertion failure and application crash via a crafted file, a different vulnerability than CVE-2017-13726...
LibTIFF Denial of Service Vulnerability (CNVD-2018-09656)
Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in the 'TIFFWriteDirectorySec' function in the tifdirwrite.c...
DEBIAN-CVE-2017-10688
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...
Veritas System Recovery DLL Load Local Code Execution Vulnerability
Veritas System Recovery is a suite of disaster recovery software for virtual machines, servers and laptops from Veritas Technologies, USA. A local code execution vulnerability exists in the patch installer in versions prior to Veritas System Recovery 16 SP1. An attacker could exploit this...
ALPINE-CVE-2016-3658
The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable...
Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-02225)
Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. A denial of service vulnerability exists in the TIFFWriteDirectoryTagLongLong8Array function in the tifdirwrite.c file in Silicon Graphics LibTiff 4.0.6 and earlier...
CVE-2012-5375
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with ...
WebDAV aeration directory write permissions vulnerability-vulnerability warning-the black bar safety net
Recently, the 3 6 0 Web sitessecurity testingplatform issued an emergency Safety notice, widely used communication Protocol WebDAV there is a directory write permission to the high-risk vulnerabilities, an attacker can upload arbitrary text files, and combined with the server to resolve the...
Design/Logic Flaw
Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the...
Oracle MySQL for Microsoft Windows Payload Execution
This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 5.5.9, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE...
rsync update
New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...