Concurrency-related vulnerability — Mozilla
Jonathan Watt and Michal Zalewski independently reported timing dependent testcases that trigger crashes at the same place during text display. We have seen no demonstration that these crashes could be reliably exploited, but they do show evidence of memory corruption so we presume they could be...
CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...
VulnCheck KEV: CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...
IrfanView 3.98 - .ANI Image File Denial of Service
IrfanView 3.98 - .ANI Image File Denial of Service source: https://www.securityfocus.com/bid/19452/info IrfanView is prone to a denial-of-service vulnerability. A remote attacker may crash the application, resulting in denial-of-service conditions to legitimate users. This issue may potentially b...
[Full-disclosure] [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow
vuln.sg Vulnerability Research Advisory AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow by Tan Chew Keong Release Date: 2006-07-25 Summary ------- A vulnerability has been found in AGEphone. When exploited, the vulnerability allows execution of arbitrary code with privileges of the AGEpho...
[SA20976] Gimp XCF Parsing Buffer Overflow Vulnerability
netscapeXSS.txt
Netscape.com - Cross site scripting vulnerability ---------------------------------------------- Type: Cross site scripting Date: June, 13th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz...
QaTraq 6.5 RC: Multiple XSS Vulnerabilities
=========================================================== QaTraq 6.5 RC: Multiple XSS Vulnerabilities =========================================================== Technical University of Vienna Security Advisory TUVSA-0606-001, June 23, 2006...
HP-UX PHSS_33130 : HP-UX Running Motif Applications Remote Arbitrary Code Execution, Denial of Service (DoS) (HPSBUX02119 SSRT4848 rev.1)
s700800 11.11 X/Motif Runtime Periodic Patch : Potential security vulnerabilities have been identified with Motif applications running on HP-UX. The potential vulnerabilities could be exploited to allow remote execution of arbitrary code or Denial of Service (DoS). References: CERT VU537878,...
Double-free on malformed VCard — Mozilla
Masatoshi Kimura reported a hang caused by a double-free in Thunderbird when processing a large VCard with invalid base64 characters in it. Since an attacker can supply an arbitrary amount of well-formed VCard data before introducing the error we presume this could be exploited to run code of the...
trac -- Wiki Macro Script Insertion Vulnerability
Secunia reports: A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed ...
[SA19637] RateIt "rateit_id" SQL Injection Vulnerability
TITLE: RateIt "rateit_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA19637 VERIFY ADVISORY: http://secunia.com/advisories/19637/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: RateIt 2.x http://secunia.com/product/9357/ DESCRIPTION: Aliaksandr...
[SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability
TITLE: WinHKI Multiple Archive Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19296 VERIFY ADVISORY: http://secunia.com/advisories/19296/ CRITICAL: Less critical IMPACT: System access WHERE: From remote SOFTWARE: WinHKI 1.x http://secunia.com/product/4486/ DESCRIPTION: Hamid Ebadi has...
Microsoft Office Routing Slip Processing Remote Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote buffer-overflow vulnerability. This vulnerability occurs when the application handles a specially crafted document. A successful attack can result in a remote compromise in the context of an affected user. Update: This issue is known to be exploit...
freeciv -- Packet Parsing Denial of Service Vulnerability
Secunia reports: Luigi Auriemma has reported a vulnerability in Freeciv, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of the packet length in "common/packets.c". This can be exploited to crash the...
SMBlog.txt
Official webpage : http://superbounou.phpnet.org/smartblog/ Version : v1.2 http://www.site.com/path/index.php?evilcode?&cmd=id http://www.site.com/?pg=evilcode?&cmd=id Patriotic Hackers irc.gigachat.net kurdhack Botan,B3g0k,Seyh,Nistiman...
Microsoft PowerPoint 2000 Remote Information Disclosure Vulnerability
Description Microsoft PowerPoint 2000 is prone to a remote information-disclosure vulnerability. Information gathered may be used to launch further attacks against a vulnerable computer. Technologies Affected Microsoft PowerPoint 2000 SP3 Recommendations Do not follow links provided by unknown or...
[SA18486] Dual DHCP DNS Server DHCP Options Buffer Overflow
TITLE: Dual DHCP DNS Server DHCP Options Buffer Overflow SECUNIA ADVISORY ID: SA18486 VERIFY ADVISORY: http://secunia.com/advisories/18486/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: From local network SOFTWARE: Dual DHCP DNS Server 1.x http://secunia.com/product/6868/...
[Full-disclosure] Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp)
--Security Report-- Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp) --- Date: 08/01/06 07:19 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- About: Via this method the WebWiz Forums <= 6.34 are being subjected to an attack namely XSS attack...
Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) Published: January 5, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severi...