1017 matches found
Design/Logic Flaw
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed dpx file...
Denial Of Service Through The Dpx File Handler
ImageMagick is vulnerable to a denial of service DoS via segmentation violation. This is possible through a crash in the dpx file handler...
Ubuntu crash reporting tool there is a remote code execution vulnerability-vulnerability warning-the black bar safety net
Security researchers found the Ubuntu crash reporting tool there is a remote code execution vulnerability, an attacker may only need a malicious file will be able to capture a system. The vulnerability affects all default installations of Ubuntu Linux 12.10 Quantaland later version of theoperatin...
Remote Code Execution Bug Found in Ubuntu Quantal
A remote code execution bug has been patched in the default installation of Ubuntu Desktop affecting all default installations of Quantal version 12.10 and later. According to researcher Donncha O’Cearbhaill, the bug allows for code injection when a user opens a specially crafted malicious file...
UBUNTU-CVE-2014-9811
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed xwd file...
CVE-2014-9811
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed xwd file...
Microsoft Outlook Express 4.x/5.x/6.0 Attachment Processing File Extension Obfuscation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13837/info Microsoft Outlook Express is prone to an attachment file extension obfuscation vulnerability that may present a risk under certain configurations. The issue manifests due to Microsoft Outlook Express behavior...
Microsoft Windows XP WAV File Handler Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11503/info Microsoft Windows XP is reported prone to a denial of service vulnerability. The issue exists due to a lack of sufficient sanitization performed on WAV file header values before they are processed. If an exploi...
MPG123 0.59 Remote File Play Heap Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8680/info A problem in the handling of some types of remote files has been reported in mpg123. Because of this, it may be possible for a remote attacker to execute arbitrary code with the privileges of the mpg123 user. /...
Opera Web浏览器file://处理器堆溢出漏洞
BUGTRAQ ID: 32323 Opera是一款流行的WEB浏览器,支持多种平台。 Opera Web浏览器的file://处理器没有正确地验证用户提供输入参数,如果用户受骗打开了恶意的HTML文档并向处理器传送了大约16,500个字符的话,就可以触发堆溢出,导致执行任意指令。请注意无法从Internet调用file://处理器,因此访问恶意网页不会触发这个溢出。 Opera Software Opera 9.62 Opera Software -------------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
Opera 9.6x file:// overflow
Hello all - I don't have time for a fancy advisory format, but I did want to disclose an issue. Sometime in early October late September?, around the time Opera 9.6 was released, I noticed that you could get it to crash after supplying the file:// handler with 16,500 characters. I played around...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution
source: https://www.securityfocus.com/bid/4335/info Special characters such as | may not be filtered by the batch file handler when a web request is made for a batch file. As a result, a remote attacker may be able to execute arbitrary commands on the host running the vulnerable software. It shou...