Lucene search
K

8517 matches found

Exploit DB
Exploit DB
added 2007/01/30 12:0 a.m.29 views

Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String

source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/30 12:0 a.m.21 views

Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String

source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...

7.4AI score
Exploits0
NVD
NVD
added 2007/01/29 4:28 p.m.22 views

CVE-2007-0463

Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in 1 SWUTMP or 2 SUCATALOG filenames, or using the 3 application/x-apple.sucatalog+xml MIME...

5CVSS7.5AI score0.1754EPSS
Exploits1References10
Cvelist
Cvelist
added 2007/01/29 4:0 p.m.23 views

CVE-2007-0463

Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in 1 SWUTMP or 2 SUCATALOG filenames, or using the 3 application/x-apple.sucatalog+xml MIME...

8AI score0.1754EPSS
Exploits1References10
CVE
CVE
added 2007/01/29 4:0 p.m.44 views

CVE-2007-0463

CVE-2007-0463 describes a format-string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8. The flaw allows remote attackers to trigger a denial of service (app crash) or execute arbitrary code via format string specifiers in (1) SWUTMP, (2) SUCATALOG filenames, or the (3) applicatio...

5CVSS8AI score0.1754EPSS
Exploits1References10Affected Software1
securityvulns
securityvulns
added 2007/01/29 12:0 a.m.49 views

MOAB-26-01-2007: Apple Installer Package Filename Format String Vulnerability

Summary Apple Installer is the application in charge of handling the installation of packages for Mac OS X, in form of pkg, distz and mpkg files. Installer fails to properly handle package filename strings. It's a affected by a typical format string vulnerability, which can lead to a denial of...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2007/01/29 12:0 a.m.39 views

MOAB-24-01-2007: Apple Software Update Catalog Filename Format String Vulnerability

Summary Apple Software Update is used for delivering patches to end-users, such as the Apple Security Update 2007-001. It relies on the HTTP protocol for retrieving files associated with each available patch, and handles the application/x-apple.sucatalog+xml MIME type and the sucatalog and swutmp...

Exploits0
securityvulns
securityvulns
added 2007/01/29 12:0 a.m.53 views

Apple Mac OS X Software Update / Apple Installer format string security vulnerability

Format string vulnerability on parsing filename of application/x-apple.sucatalog+xml files .sucatalog и .swutmp. Format string vulnerability in .pkg file name...

7.6CVSS2.8AI score0.1833EPSS
Exploits2References2Affected Software1
securityvulns
securityvulns
added 2007/01/28 12:0 a.m.29 views

WS_FTP 2007 Professional SCP handling format string vulnerability

Synopsis: WSFTP 2007 Professional SCP handling format string vulnerability Product: WSFTP 2007 Professional Vendor: Ipswitch I. Background "..Transfer files anywhere, anytime, with complete security. Lightning fast transfer speeds Industry leading security Time saving features include schedule,...

0.4AI score
Exploits0
Debian
Debian
added 2007/01/27 2:37 p.m.18 views

[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1252-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2007 http://www.debian.org/security/faq -...

6.8CVSS6.1AI score0.11975EPSS
Exploits3
exploitpack
exploitpack
added 2007/01/27 12:0 a.m.7 views

Apple Installer Package 2.1.5 - Filename Format String

Apple Installer Package 2.1.5 - Filename Format String source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a...

0.1AI score
Exploits0
OSV
OSV
added 2007/01/27 12:0 a.m.18 views

DSA-1252-1 vlc

Bulletin has no description...

6.8CVSS6AI score0.11975EPSS
Exploits3
Exploit DB
Exploit DB
added 2007/01/27 12:0 a.m.20 views

Apple Installer Package 2.1.5 - Filename Format String

source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A successful attack may crash the...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/26 12:0 a.m.16 views

GLSA-200701-18 : xine-ui: Format string vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-18 xine-ui: Format string vulnerabilities Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not safely write data to memory. Impact : An attacker could entice a user to...

10CVSS6AI score0.03486EPSS
Exploits0References2
exploitpack
exploitpack
added 2007/01/25 12:0 a.m.12 views

Apple Mac OSX 10.4.x - Software Update Format String

Apple Mac OSX 10.4.x - Software Update Format String source: https://www.securityfocus.com/bid/22222/info Apple Software Update is prone to a format-string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/25 12:0 a.m.18 views

Apple Mac OSX 10.4.x - Software Update Format String

source: https://www.securityfocus.com/bid/22222/info Apple Software Update is prone to a format-string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.38 views

xine-ui format string vulnerability

Format string vulnerability in errorscreatewindow on media files parsing...

10CVSS4.1AI score0.03486EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.40 views

Xine-ui format string Vulnerabilties.

there iz a fmt string vuln in xine-ui specifically in errors.c func errorscreatewindow that can be used to maliciously execuute arbitary code...

2.8AI score
Exploits0
Prion
Prion
added 2007/01/23 12:28 a.m.19 views

Format string

Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service null pointer dereference and application crash and possibly execute arbitrary code via format string specifiers in an aim:// URI...

7.5CVSS7.8AI score0.22974EPSS
Exploits1References11Affected Software1
Gentoo Linux
Gentoo Linux
added 2007/01/23 12:0 a.m.27 views

xine-ui: Format string vulnerabilities

Background xine-ui is a skin-based user interface for xine. xine is a free multimedia player. It plays CDs, DVDs, and VCDs, and can also decode other common multimedia formats. Description Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not...

10CVSS7AI score0.03486EPSS
Exploits0
Rows per page
Query Builder