FreeBSD : gnupg -- remotely controllable function pointer (4db1669c-8589-11db-ac4f-02e081235dab)

Werner Koch reports : GnuPG uses data structures called filters to process OpenPGP messages. These filters are used in a similar way as a pipelines in the shell. For communication between these filters context structures are used. These are usually allocated on the stack and passed to the filter...

Debian DSA-1231-1 : gnupg - several vulnerabilities

Several remote vulnerabilities have been discovered in the GNU privacy guard, a free PGP replacement, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-6169 Werner Koch discovered that a buffer overfl...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

[Full-disclosure] Multiple vulnerabilities in Raydium rev 309

Luigi Auriemma Application: Raydium http://raydium.org Versions: = SVN revision 309 newer versions can be vulnerable to some of the bugs which are still unfixed Platforms: Windows, nix, BSD and others Bugs: A buffer-overflow in raydiumlog and raydiumconsolelineadd B format string in raydiumlog C...

Mozilla Firefox Tag Parsing Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail. The...

CA BrightStor Universal Agent Overflow

This module exploits a convoluted heap overflow in the CA BrightStor Universal Agent service. Triple userland exception results in heap growth and execution of dereferenced function pointer at a specified address. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2005-2628

Macromedia Flash 6 and 7 Flash.ocx allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer...

linux/x86 execve /bin/sh xor encrypted 55 bytes

No description provided by source. / .file "xor-encrypted shellcode" .version "1.0" .text .align 4 .globl main .type main,@function start: xorl %eax,%eax jmp 0x22 popl %ebx movl 8%ebx,%edx xor %edx,%ebx xor %edx,4%ebx xor %edx,%edx movl %ebx,0x8%esp movl %edx,0xc%esp movb $0xb,%al leal 0x8%esp,%e...

CVE-2003-0815

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by 1 modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or 2 modifying the createRange method and using the...

CVE-2003-0815

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by 1 modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or 2 modifying the createRange method and using the...

pkc001.txt

/ pkc001.txt / -= SECURITY ADVISORY 001 =- | \ www.pkcrew.org / \ \ | / \ | | | | | / | | | | | / | | | | / | | / / | | | / | Application : Oops proxy server 1.4.22 1.4.6 and maybe prior Type: heap buffer overflow --- The problem --- Function listparser in ftputils.c : line is the line sent by th...