477 matches found
glibc: printf() unbound alloca() usage in case of positional parameters + many format specs
The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...
glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...
glibc: printf() unbound alloca() usage in case of positional parameters + many format specs
The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...
glibc: incorrect size calculation in formatted printing can lead to FORTIFY_SOURCE format string protection bypass
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service stack...
glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...
[CVE-2012-1621] Apache OFBiz information disclosure vulnerability
CVE-2012-1621: Apache OFBiz information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation - Apache OFBiz ======Versions Affected====== Apache OFBiz 10.04 also known as 10.04.01 ======Description====== Multiple XSS: XSS 1: Error messages containing user input...
glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...
glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...
UBUNTU-CVE-2010-3192
Certain run-time memory protection mechanisms in the GNU C Library aka glibc or libc6 print argv0 and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program tha...
HP Snags Application Testing Firm Fortify
The drumbeat for more secure application development picked up pace on Tuesday, with news that software giant HP had acquired privately funded Fortify Software, a maker of static code analysis tools, for an undisclosed amount. HP said that Fortify’s static analysis tools will complement its dynam...
CVE-2010-0393
The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...
MySQL yaSSL CertDecoder::GetName Buffer Overflow
This module exploits a stack buffer overflow in the yaSSL 1.9.8 and earlier implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside...
Fortify 360 Web Interface Detection
The remote web server is running the web interface for Fortify 360, a web interface to analyze the results of source code audits. As this interface is likely to contain sensitive information, make sure only authorized personel can log into this site C Tenable Network Security, Inc...
Can we learn from Microsoft and Google on security?
Tech security company Fortify and security consulting firm Cigital are getting ready to release a set of best practices that tech companies and other businesses can follow to ensure that the software they develop is secure. The authors developed the model by studying the security practices at...
And then the explosion a few micro-points have not fortified from the start or passive start-vulnerability warning-the black bar safety net
From a friend: large ravioli 1. cmd to run before the execution of the programsysnap inform --passive start HKEYCURRENTUSER\Software\Microsoft\Command Processor AutoRun REGSZ "xxx.exe" 2. session manager-from the start HKEYLOCALMACHINE\SYSTEM\ControlSet001\Control\Session Manager...
SUSE-SA:2007:005: w3m
The remote host is missing the patch for the advisory SUSE-SA:2007:005 w3m. A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not...
Fortify 360 Web Interface Detection
Binary data 5007.prm...