8515 matches found
DEBIAN-CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...
CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...
UBUNTU-CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...
CVE-2015-8106
CVE-2015-8106 affects latex2rtf before 2.3.10. A format string vulnerability in CmdKeywords (funct1.c) allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command when processing a crafted TeX file. Fedora/Arch/Nessus entries indicate an update path to ...
CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...
PHP 5.5.x < 5.5.34 / 5.6.x < 5.6.20 / 7.0.x < 7.0.5 Multiple Vulnerabilities
Binary data 9171.prm...
PHP 5.6.x < 5.6.20 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 5.5.x < 5.5.34 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.34. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 7.0.x < 7.0.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 5.5.33 / 7.0.4 - SNMP Format String
Exploit for multiple platform in category remote exploits // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we...
PHP 5.5.33/7.0.4 - SNMP Format String
// Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we use the same // bug to leak a pointer to the string itsel...
PHP 5.5.337.0.4 - SNMP Format String
PHP 5.5.337.0.4 - SNMP Format String // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we use the same // bug ...
Internet Bug Bounty: php_snmp_error() Format String Vulnerability
PHP snmperrstr was passed directly to zendthrowexceptionex without a "%s". This issue appears to have been present across all PHP versions. In testing, I have been able to leverage this vulnerability for full code-execution by abusing PHP's internal "%Z" zval format specifier. In the interest of...
php -- multiple vulnerabilities
The PHP Group reports: Fileinfo: Fixed bug 71527 Buffer over-write in finfoopen with malformed magic file. mbstring: Fixed bug 71906 AddressSanitizer: negative-size-param -1 in mbflstrcut. Phar: Fixed bug 71860 Invalid memory write in phar on filename with \0 in name. SNMP: Fixed bug 71704...
Gentoo Security Advisory GLSA 201603-12
Gentoo Linux Local Security Checks SPDX-FileCopyrightText: 2016 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.121454";...
GLSA-201603-12 : FlightGear, SimGear: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201603-12 FlightGear, SimGear: Multiple vulnerabilities Multiple format string vulnerabilities in FlightGear and SimGear allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via...
PT-2016-3271 · Xmlsoft +5 · Libxml2 +5
Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.9.4 Description: The issue is related to a format string vulnerability in the libxml2 library. This vulnerability may allow attackers to have an unspecified impact through format string specifiers in unknown vector...
FlightGear, SimGear: Multiple vulnerabilities
Background FlightGear is an open-source flight simulator. It supports a variety of popular platforms Windows, Mac, Linux, etc. and is developed by skilled volunteers from around the world. Source code for the entire project is available and licensed under the GNU General Public License. SimGear i...
OpenSSL Multiple Vulnerabilities -01 (Mar 2016) - Windows
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...
OpenSSL Multiple Vulnerabilities -01 (Mar 2016) - Linux
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...