471 matches found

Gentoo Linux
added 2007/07/28 12:0 a.m. | 43 views

VLC media player: Format string vulnerabilities

Background: VLC media player is a multimedia player for various audio and video formats. Description: David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. Impact: A remote attacker could...

CVSS 9.3 | AI score 7 | EPSS 0.17079
Exploits: 0

UbuntuCve
added 2007/06/21 6:30 p.m. | 33 views

CVE-2007-3316

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA)...

CVSS 9.3 | AI score 6.3 | EPSS 0.17079
Exploits: 0 | References: 1

NVD
added 2007/06/21 6:30 p.m. | 23 views

CVE-2007-3316

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA)...

CVSS 9.3 | AI score 7.8 | EPSS 0.17079
Exploits: 0 | References: 16

OSV
added 2007/06/21 6:30 p.m. | 9 views

CVE-2007-3316

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA)...

AI score 7.7
Exploits: 0 | References: 17

Cvelist
added 2007/06/21 6:0 p.m. | 36 views

CVE-2007-3316

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA)...

AI score 7.6 | EPSS 0.17079
Exploits: 0 | References: 16

Debian CVE
added 2007/06/21 6:0 p.m. | 22 views

CVE-2007-3316

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA)...

CVSS 9.3 | AI score 6.6 | EPSS 0.17079
Exploits: 0

CVE
added 2007/06/21 6:0 p.m. | 89 views

CVE-2007-3316

VLC media player (before version 0.8.6c) is affected by multiple format-string vulnerabilities in plugins for Ogg Vorbis, Ogg Theora, CDDA, and SAP. The underlying issue is a C-style format string error in parsing the media data stream, which could allow a remote attacker to crash the player or e...

CVSS 9.3 | AI score 7.6 | EPSS 0.17079
Exploits: 0 | References: 16 | Affected Software: 1

CVE
added 2007/04/30 10:0 p.m. | 54 views

CVE-2007-2054

AFFLIB 2.2.6 and earlier contains multiple format-string vulnerabilities exposing several command-line utilities (lib/s3.cpp, tools/afconvert.cpp, tools/afcopy.cpp, tools/afinfo.cpp, aimage/aimage.cpp, aimage/imager.cpp, tools/afxml.cpp) to remote code execution via parameters used as format stri...

CVSS 7.5 | AI score 7.8 | EPSS 0.03384
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2007/04/30 10:0 p.m. | 20 views

CVE-2007-2352

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/imager.cp...

AI score 7.8 | EPSS 0.05133
Exploits: 0 | References: 3

CVE
added 2007/04/30 10:0 p.m. | 51 views

CVE-2007-2352

Summary (CVE-2007-2352): AFFLIB before 2.2.6 contains multiple format-string vulnerabilities exploitable via command-line inputs that are used as format strings in warn/err calls. Affected components include lib/s3.cpp, tools/afconvert.cpp, tools/afcopy.cpp, tools/afinfo.cpp, aimage/imager.cpp, a...

CVSS 10 | AI score 7.8 | EPSS 0.05133
Exploits: 0 | References: 3 | Affected Software: 1

UbuntuCve
added 2007/04/26 9:19 p.m. | 31 views

CVE-2007-2318

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information...

CVSS 9.3 | AI score 6.3 | EPSS 0.045
Exploits: 0 | References: 1

OSV
added 2007/04/26 9:19 p.m. | 7 views

CVE-2007-2318

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information...

AI score 7.6
Exploits: 0 | References: 6

Debian CVE
added 2007/04/26 9:0 p.m. | 24 views

CVE-2007-2318

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information...

CVSS 9.3 | AI score 7.5 | EPSS 0.045
Exploits: 0

Tenable Nessus
added 2007/04/02 12:0 a.m. | 460 views

PHP < 4.4.5 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 4.4.5. Such versions may be affected by several issues, including buffer overflows, format string vulnerabilities, arbitrary code execution, 'safe_mode' and 'open_basedir' bypasses, and clobbering of super-global...

CVSS 10 | AI score 5.8 | EPSS 0.40435
Exploits: 16 | References: 24

Tenable Nessus
added 2007/04/02 12:0 a.m. | 89 views

PHP < 5.2.1 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 5.2.1. Such versions may be affected by several issues, including buffer overflows, format string vulnerabilities, arbitrary code execution, 'safe_mode' and 'open_basedir' bypasses, and clobbering of super-global...

CVSS 10 | AI score 5.8 | EPSS 0.15195
Exploits: 10 | References: 28

NVD
added 2007/03/19 10:19 p.m. | 26 views

CVE-2007-1503

Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4)...

CVSS 7.5 | AI score 7.8 | EPSS 0.03405
Exploits: 0 | References: 4

UbuntuCve
added 2007/03/19 10:19 p.m. | 29 views

CVE-2007-1503

Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4)...

CVSS 7.5 | AI score 6.3 | EPSS 0.03405
Exploits: 0 | References: 1

CVE
added 2007/03/19 10:0 p.m. | 56 views

CVE-2007-1503

CVE-2007-1503 concerns the Rhapsody IRC client (version 0.28b) with multiple format string vulnerabilities in comm.c, specifically in create_ctcp_message used by (1) me and (2) ctcp commands, and potentially vectors involving (3) whois, (4) mode, and (5) topic. The defect allows remote attackers ...

CVSS 7.5 | AI score 7.8 | EPSS 0.03405
Exploits: 0 | References: 4 | Affected Software: 1

CVE
added 2007/02/13 11:0 p.m. | 115 views

CVE-2007-0909

PHP 5.2.1 and earlier versions are affected by CVE-2007-0909 due to format string vulnerabilities in 64-bit print functions and odbc_result_all, enabling arbitrary code execution. OpenVAS/Nessus references confirm this is fixed in later PHP releases by backported patches (PHP 5.2.1+). Affected co...

CVSS 7.5 | AI score 7.9 | EPSS 0.03252
Exploits: 0 | References: 40 | Affected Software: 1

Gentoo Linux
added 2007/01/23 12:0 a.m. | 28 views

xine-ui: Format string vulnerabilities

Background: xine-ui is a skin-based user interface for xine. xine is a free multimedia player. It plays CDs, DVDs, and VCDs, and can also decode other common multimedia formats. Description: Due to the improper handling and use of format strings, the errors_create_window function in errors.c does not...

CVSS 10 | AI score 7 | EPSS 0.03486
Exploits: 0