CVE-2013-7386
The CVE-2013-7386 entry concerns BOINC’s PROJECT::write_account_file in client/cs_account.cpp. A format-string vulnerability in the gui_urls item of an account file could allow a remote attacker to crash the service or potentially execute arbitrary code. Affected software is BOINC client (around ...
CVE-2013-7386
Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the gui_urls item in an account file...
GLSA-201405-19 : MCrypt: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201405-19 (MCrypt: User-assisted execution of arbitrary code). Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow (CVE-2012-4409). MCrypt contains multiple form...
GLSA-201405-12 : Ettercap: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201405-12 (Ettercap: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Ettercap: Ettercap does not handle temporary files securely (CVE-2010-3843). A format string flaw in Ettercap could cause a buffer overflo...
MCrypt: User-assisted execution of arbitrary code
Background: MCrypt is a replacement of the old unix crypt(1) utility. Description: Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow (CVE-2012-4409). MCrypt contains multiple format string errors (CVE-2012-4426). MCrypt does not...
CVE-2014-1315
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL...
Format string
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL...
CVE-2014-1315
CVE-2014-1315 affects CoreServicesUIAgent in OS X 10.9.x up to 10.9.2. It is a format-string vulnerability in URL handling that could allow remote code execution or cause a denial of service (application crash). Root cause is a format string issue in the handling of URLs. Apple Security Update 20...
FreeBSD : nas -- multiple vulnerabilities (bf7912f5-c1a8-11e3-a5ac-001b21614864)
Hamid Zamani reports: multiple security problems (buffer overflows, format string vulnerabilities and missing input sanitising), which could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Adobe Reader '.ETD File' Denial of Service Vulnerability - Mac OS X
Adobe Reader is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader '.ETD File' Denial of Service Vulnerability - Linux
Adobe Reader is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader '.ETD File' Denial of Service Vulnerability - Windows
Adobe Reader is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2009-5141
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command...
Format string
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command...
CVE-2009-5141
War FTP Daemon (warftpd) 1.82 RC 12 has a format string vulnerability in the LIST command that lets remote authenticated users crash the service (denial of service). Root cause is improper handling of format specifiers in the LIST response. The issue is documented across Red Hat, NVD/NIST, and CV...
kernel: block: passing disk names as format strings
Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device nam...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores...
CVE-2012-3404
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service stack...