8517 matches found
Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...
Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...
CVE-2007-0463
Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in 1 SWUTMP or 2 SUCATALOG filenames, or using the 3 application/x-apple.sucatalog+xml MIME...
CVE-2007-0463
Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in 1 SWUTMP or 2 SUCATALOG filenames, or using the 3 application/x-apple.sucatalog+xml MIME...
CVE-2007-0463
CVE-2007-0463 describes a format-string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8. The flaw allows remote attackers to trigger a denial of service (app crash) or execute arbitrary code via format string specifiers in (1) SWUTMP, (2) SUCATALOG filenames, or the (3) applicatio...
MOAB-26-01-2007: Apple Installer Package Filename Format String Vulnerability
Summary Apple Installer is the application in charge of handling the installation of packages for Mac OS X, in form of pkg, distz and mpkg files. Installer fails to properly handle package filename strings. It's a affected by a typical format string vulnerability, which can lead to a denial of...
MOAB-24-01-2007: Apple Software Update Catalog Filename Format String Vulnerability
Summary Apple Software Update is used for delivering patches to end-users, such as the Apple Security Update 2007-001. It relies on the HTTP protocol for retrieving files associated with each available patch, and handles the application/x-apple.sucatalog+xml MIME type and the sucatalog and swutmp...
Apple Mac OS X Software Update / Apple Installer format string security vulnerability
Format string vulnerability on parsing filename of application/x-apple.sucatalog+xml files .sucatalog и .swutmp. Format string vulnerability in .pkg file name...
WS_FTP 2007 Professional SCP handling format string vulnerability
Synopsis: WSFTP 2007 Professional SCP handling format string vulnerability Product: WSFTP 2007 Professional Vendor: Ipswitch I. Background "..Transfer files anywhere, anytime, with complete security. Lightning fast transfer speeds Industry leading security Time saving features include schedule,...
[SECURITY] [DSA 1252-1] New vlc packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1252-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2007 http://www.debian.org/security/faq -...
Apple Installer Package 2.1.5 - Filename Format String
Apple Installer Package 2.1.5 - Filename Format String source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a...
DSA-1252-1 vlc
Bulletin has no description...
Apple Installer Package 2.1.5 - Filename Format String
source: https://www.securityfocus.com/bid/22272/info Apple Installer is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A successful attack may crash the...
GLSA-200701-18 : xine-ui: Format string vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200701-18 xine-ui: Format string vulnerabilities Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not safely write data to memory. Impact : An attacker could entice a user to...
Apple Mac OSX 10.4.x - Software Update Format String
Apple Mac OSX 10.4.x - Software Update Format String source: https://www.securityfocus.com/bid/22222/info Apple Software Update is prone to a format-string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the...
Apple Mac OSX 10.4.x - Software Update Format String
source: https://www.securityfocus.com/bid/22222/info Apple Software Update is prone to a format-string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. A...
xine-ui format string vulnerability
Format string vulnerability in errorscreatewindow on media files parsing...
Xine-ui format string Vulnerabilties.
there iz a fmt string vuln in xine-ui specifically in errors.c func errorscreatewindow that can be used to maliciously execuute arbitary code...
Format string
Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service null pointer dereference and application crash and possibly execute arbitrary code via format string specifiers in an aim:// URI...
xine-ui: Format string vulnerabilities
Background xine-ui is a skin-based user interface for xine. xine is a free multimedia player. It plays CDs, DVDs, and VCDs, and can also decode other common multimedia formats. Description Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not...