1285 matches found
AZL-6651 CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
DEBIAN-CVE-2013-4420
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
PT-2014-2786 · None +1 · Libtar +1
Name of the Vulnerable Software and Affected Versions: libtar versions 1.2.20 and earlier Description: The issue concerns multiple directory traversal vulnerabilities in the tar extract glob and tar extract all functions. These vulnerabilities allow remote attackers to overwrite arbitrary files b...
Debian Security Advisory DSA 2863-1 (libtar - directory traversal)
A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing to extract files in arbitrary path. An attacker can craft a tar file to override files beyond the tarextractglob an...
[Quarks PwDump] Dump Windows Credentials
Quarks PwDump is new open source tool to dump various types of Windows credentials: local account, domain accounts, cached domain credentials and bitlocker. The tool is currently dedicated to work live on operating systems limiting the risk of undermining their integrity or stability. It requires...
DEBIAN-CVE-2013-4473
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a source filename...
http-comments-displayer NSE Script
Extracts and outputs HTML and JavaScript comments from HTTP responses. Script Arguments http-comments-displayer.singlepages Some single pages to check for comments. For example, "/", "/wiki". Default: nil crawler mode on http-comments-displayer.context declares the number of chars to extend our...
WordPress W3-Total-Cache Plugin 0.9.2.4 (or before) Username and Hash Extract
The W3-Total-Cache Wordpress Plugin 'WordPress W3-Total-Cache Plugin 0.9.2.4 or before Username and Hash Extract', 'Description' = "The W3-Total-Cache Wordpress Plugin = 0.9.2.4 can cache database statements and its results in files for fast access. Version 0.9.2.4 has been fixed afterwards so it...
DEBIAN-CVE-2011-3936
The dvextractaudio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a craft...
MSSQL Schema Dump
This module attempts to extract the schema from a MSSQL Server Instance. It will disregard builtin and example DBs such as master, model, msdb, and tempdb. The module will create a note for each DB found, and store a YAML formatted output as loot for easy reading. This module requires Metasploit:...
Windows Gather Trillian Password Extractor
This module extracts account password from Trillian & Trillian Astra v4.x-5.x instant messenger. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Trillian Password Extractor',...
PDF Extract TIFF 'pdf2tif.dll'缓冲区溢出漏洞
Bugtraq ID: 47322 PDF Extract TIFF用于从PDF文件中提取图像并且保存为TIFF格式,然后用Word, Adobe Photoshop之类的程序进行再次编辑。 解析PDF文件时pdf2tif.dll存在错误,攻击者可以构建恶意输入文件,诱使用户解析触发缓冲区溢出,可导致以应用程序上下文执行任意代码。插件也受此漏洞影响。 VeryPDF PDF Extract TIFF 厂商解决方案 用户可联系供应商下载最新版本: http://www.verypdf.com/...
VeryPDF PDF Extract TIFF library multiple security vulnerabilities
Multiple vulnerabilities on PDF parsing...
CVE-2011-0420
The graphemeextract function in the Internationalization extension Intl for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service crash via an invalid size argument, which triggers a NULL pointer dereference...
PHP < 5.2.15 Security Bypass Vulnerability
PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...
CVE-2011-0752
The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...
Design/Logic Flaw
The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...
CVE-2011-0752
The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...
CVE-2011-0752
PHP 5.2.x before 5.2.15 is affected by an exploit in the extract function where EXTR_OVERWRITE can overwrite the GLOBALS array and the this variable, enabling context‑dependent attackers to bypass access restrictions by modifying data structures. The issue is tied to previous CVEs (2005/2006) and...
CVE-2011-0752
The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...