516 matches found
Command injection
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 use the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...
PYSEC-2014-23
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 use the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...
CVE-2014-1933
CVE-2014-1933 and related flaws affect Python Imaging Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1, where temporary-file handling and command-line file-name usage enable local and symlink-based attacks (e.g., load_djpeg, EpsImagePlugin.py, IptcImagePlugin.py, Image.py). Root causes inc...
CVE-2014-1932
CVE-2014-1932 affects Python Imaging Library (PIL) 1.1.7 and earlier and Pillow prior to 2.3.1. The vulnerability is caused by improper creation of temporary files in PIL components (DJPEG in JpegImagePlugin.py, Ghostscript in EpsImagePlugin.py, load in IptcImagePlugin.py, and _copy in Image.py),...
CVE-2014-1932
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allows local users...
CVE-2014-1933
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 use the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes...
openwysiwyg Remote File Upload Vulnerability
Exploit for php platform in category web applications...
coppermine 1.5.18 - Multiple Vulnerabilities
waraxe-2012-SA081 - Multiple Vulnerabilities in Coppermine 1.5.18. Author: Janek Vind "waraxe" Date: 29. March 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-81.html Affected Software: Coppermine is a...
iBrowser Plugin 1.4.1 Local File Inclusion
iBrowser Plugin v1.4.1 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: lang.'.php' ; 70: $this->charset = $langcharset; 71: $this->dir = $langdirection; 72: $this->langdata = $langdata; 73: unset($langdata); 74:...
Ubuntu Update for cups USN-1207-1
Ubuntu Update for Linux kernel vulnerabilities USN-1207-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12071.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for cups USN-1207-1 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : cups, cupsys vulnerabilities (USN-1207-1)
Tomas Hoger discovered that the CUPS image library incorrectly handled LZW streams. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...
Rightnow's => Auth Bypass Vulnerability (Shell Upload)
Exploit for php platform in category web applications. Author: KaCaK Contact: [email protected] HomePage: http://secureb0x.blogspot.com , http://griadamlar.com Greetz: KnockOut, Mus4llat, Technical and All My Friends Software info | Web App.: Madni Designers Web Portal | Price: Price...
OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
Critical Holes Closed in PNG Image Library
Updates 1.2.44 and 1.4.3 for the official open source reference library libpng have been released to close security holes. The H Security...
Fedora Update for DevIL FEDORA-2009-13219
Check for the Version of DevIL OpenVAS Vulnerability Test Fedora Update for DevIL FEDORA-2009-13219 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for DevIL FEDORA-2009-13255
Check for the Version of DevIL OpenVAS Vulnerability Test Fedora Update for DevIL FEDORA-2009-13255 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Debian DSA-1842-1 : openexr - several vulnerabilities
Several vulnerabilities have been discovered in the OpenEXR image library, which can lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2009-1720: Drew Yao discovered integer overflows in the preview and compression...