Lucene search
K

477 matches found

RedHat Linux
RedHat Linux
added 2012/07/18 3:18 p.m.4 views

glibc: printf() unbound alloca() usage in case of positional parameters + many format specs

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

6.8CVSS6.2AI score0.03163EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/18 3:17 p.m.8 views

glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS6AI score0.02087EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/18 3:17 p.m.5 views

glibc: printf() unbound alloca() usage in case of positional parameters + many format specs

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

6.8CVSS6.2AI score0.03163EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/18 3:17 p.m.6 views

glibc: incorrect size calculation in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service stack...

5CVSS6AI score0.02225EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/04/30 5:7 p.m.18 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.106 views

[CVE-2012-1621] Apache OFBiz information disclosure vulnerability

CVE-2012-1621: Apache OFBiz information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation - Apache OFBiz ======Versions Affected====== Apache OFBiz 10.04 also known as 10.04.01 ======Description====== Multiple XSS: XSS 1: Error messages containing user input...

4.3CVSS0.9AI score0.09795EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2012/03/19 9:57 p.m.4 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2012/03/15 4:30 p.m.8 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
OSV
OSV
added 2010/10/14 5:58 a.m.17 views

UBUNTU-CVE-2010-3192

Certain run-time memory protection mechanisms in the GNU C Library aka glibc or libc6 print argv0 and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program tha...

5CVSS7.6AI score0.01606EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2010/08/17 5:14 p.m.13 views

HP Snags Application Testing Firm Fortify

The drumbeat for more secure application development picked up pace on Tuesday, with news that software giant HP had acquired privately funded Fortify Software, a maker of static code analysis tools, for an undisclosed amount. HP said that Fortify’s static analysis tools will complement its dynam...

Exploits0References2
UbuntuCve
UbuntuCve
added 2010/03/03 12:0 a.m.28 views

CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

6.9CVSS5.9AI score0.0032EPSS
Exploits0References2
Metasploit
Metasploit
added 2010/01/27 11:24 p.m.78 views

MySQL yaSSL CertDecoder::GetName Buffer Overflow

This module exploits a stack buffer overflow in the yaSSL 1.9.8 and earlier implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside...

7.5CVSS7.8AI score0.69552EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2009/04/24 12:0 a.m.16 views

Fortify 360 Web Interface Detection

The remote web server is running the web interface for Fortify 360, a web interface to analyze the results of source code audits. As this interface is likely to contain sensitive information, make sure only authorized personel can log into this site C Tenable Network Security, Inc...

5.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2009/03/05 9:20 p.m.16 views

Can we learn from Microsoft and Google on security?

Tech security company Fortify and security consulting firm Cigital are getting ready to release a set of best practices that tech companies and other businesses can follow to ensure that the software they develop is secure. The authors developed the model by studying the security practices at...

0.5AI score
Exploits0References3
myhack58
myhack58
added 2008/07/23 12:0 a.m.12 views

And then the explosion a few micro-points have not fortified from the start or passive start-vulnerability warning-the black bar safety net

From a friend: large ravioli 1. cmd to run before the execution of the programsysnap inform --passive start HKEYCURRENTUSER\Software\Microsoft\Command Processor AutoRun REGSZ "xxx.exe" 2. session manager-from the start HKEYLOCALMACHINE\SYSTEM\ControlSet001\Control\Session Manager...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.17 views

SUSE-SA:2007:005: w3m

The remote host is missing the patch for the advisory SUSE-SA:2007:005 w3m. A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not...

9.3CVSS7.6AI score0.04665EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.11 views

Fortify 360 Web Interface Detection

Binary data 5007.prm...

7.3AI score
Exploits0References1
Rows per page
Query Builder