Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow

Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...

Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow

Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...

Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow

Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...

FreeBSD : chromium -- multiple vulnerabilities (46bd747b-5b84-11e2-b06d-00262d5ed8ee)

Google Chrome Releases reports : 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...

Stack overflow

Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted filename...

UBUNTU-CVE-2012-6089

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted filename...

CVE-2012-6089

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted filename...

CVE-2012-6090

Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted filename...

Server: Code execution in /lib/filesystem.php

Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.2 allows authenticated remote attackers to execute arbitrary code by uploading a file with a special crafted filename. For more information please consult the official advisory. This advisory is licensed CC...

Microsoft Patches Critical Remote Flaws in Word, IE and Windows

A rare critical Microsoft Word vulnerability was patched today by Microsoft, one of seven security updates pushed out repairing 11 flaws in its December security update. The Word vulnerability earned a critical rating because the Outlook email client uses Word to display documents in the Outlook...

Microsoft Windows Filename Parsing Remote Code Execution (MS12-081; CVE-2012-4774)

A remote code execution vulnerability has been reported in Microsoft Windows...

PT-2012-5585 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists due to the way Microsoft Windows parses filenames, potentially allowing attackers to execute arbitrary code in the context of the current...

Commonly used background Uploader to get shell-vulnerability warning-the black bar safety net

Sometimes into the background, take the shell also may be your fetters. With the editor, then specifically say, in case the editor is the Lite or is the vulnerability patching of the FCK, only the use of some small to upload, don't underestimate these upload points.! \ Can use the NC to submit, i...

Android Kernel 2.6 Denial Of Service

Exploit Title: Android Kernel 2.6 Local DoS Date: 12/7/12 Author: G13 Twitter: @g13net Versions: Android 2.2, 2.3 Category: DoS android Vulnerability The Android OS is vulnerable to a local DoS when a filename with a length of 2048 or larger is attempted to be written to the sdcardvfat fs multipl...

BlazeVideo HDTV Player Pro 6.6 - Filename Handling (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "BlazeVideo HDTV...

BlazeVideo HDTV Player Pro 6.6 Filename Handling Vulnerability

This Metasploit module exploits a vulnerability found in BlazeVideo HDTV Player's filename handling routine. When supplying a string of input data embedded in a .plf file, the MediaPlayerCtrl.dll component will try to extract a filename by using PathFindFileNameA, and then copies whatever the...

BlazeVideo HDTV Player Pro 6.6 Filename Handling

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "BlazeVideo HDTV...

RealPlayer buffer overflow

Buffer overflow on oversized filename in wathced folder...

CVE-2011-5219

Directory traversal vulnerability in examples/showcode.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...