8515 matches found
RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String
RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String source: https://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an...
GLSA-200510-09 : Weex: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200510-09 Weex: Format string vulnerability Ulf Harnhammar discovered a format string bug in Weex that can be triggered when it is first run or when its cache files are rebuilt, using the -r option. Impact : An attacker could setu...
SUSE-SA:2005:059: RealPlayer
The remote host is missing the patch for the advisory SUSE-SA:2005:059 RealPlayer. The following security issue in RealPlayer was fixed: - A format string bug in the RealPix .rp file format parser (CVE-2005-2710). This bug allowed remote attackers to execute arbitrary code by supplying a specially...
GLSA-200510-07 : RealPlayer, Helix Player: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200510-07 RealPlayer, Helix Player: Format string vulnerability 'c0ntex' reported that RealPlayer and Helix Player suffer from a heap overflow. Impact : By enticing a user to play a specially crafted realpix .rp or realtext .rt...
Multiple WinRAR archiver vulnerabilities
UUEncoded files format string bug, ACE archives buffer overflow...
Slackware 10.0 / 10.1 / 10.2 / 9.1 / current : xine-lib (SSA:2005-283-01)
New xine-lib packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. A format string bug may allow the execution of arbitrary code as the user running a xine-lib linked application. The attacker must provide by uploading or running a server specially...
GLSA-200510-08 : xine-lib: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200510-08 xine-lib: Format string vulnerability Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. Impact : An attacker could submit malicious information about an audio CD to a...
Debian DSA-852-1 : up-imapproxy - format string vulnerabilities
Steve Kemp discovered two format string vulnerabilities in up-imapproxy, an IMAP protocol proxy, which may lead remote attackers to the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...
Debian DSA-853-1 : ethereal - several vulnerabilities
Several security problems have been discovered in ethereal, a commonly used network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2360 Memory allocation errors in the LDAP dissector can cause a denial of service. - CAN-2005-2361...
RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String
source: https://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an attacker to execute arbitrary code on a vulnerable computer. WinRAR 3.50 and prio...
Debian DSA-855-1 : weex - format string vulnerability
Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in weex, a non-interactive FTP client for updating web pages, that could be exploited to execute arbitrary code on the client's machine. (C) Tenable Network Security, Inc. The descripti...
xine-lib
New xine-lib packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. A format string bug may allow the execution of arbitrary code as the user running a xine-lib linked application. The attacker must provide by uploading or running a server specially...
USN-196-1: Xine library vulnerability
Ulf Harnhammar discovered a format string vulnerability in the CDDB module's cache file handling in the Xine library, which is used by packages such as xine-ui, totem-xine, and gxine. By tricking a user into playing a particular audio CD which has a specially-crafted CDDB entry, a remote attacke...
[SECURITY] [DSA 855-1] New weex packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 855-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...
[UNIX] xine based CD Player Format String
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ...
Xine-Lib 1.1 - 'Media Player Library' Remote Format String
#!/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprin...
xine-lib <= 1.1 (media player library) Remote Format String Exploit
No description provided by source. #!/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory o...
security advisory - OpenVMPS
security advisory - OpenVMPS What is it? ----------- OpenVMPS is a substitute implementation of Cisco Virtual Membership Policy Server on Catalyst 65500 family of switches. It is used on Cisco LAN switches to dynamically assign ports to VLANs according to Ethernet Address. Because it was developed...
Xine-Lib 1.1 - Media Player Library Remote Format String
Xine-Lib 1.1 - Media Player Library Remote Format String #!/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which ...