79 matches found
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Source: https://code.google.com/p/google-security-research/issues/detail?id=426&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately, and: http://localhost/LoadMP4.swf?file=crash3006694.flv If there is no crash at first, refres...
Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (3017301)
This host is missing a critical security update according to Microsoft Bulletin MS14-081. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Office Word Remote Code Execution Vulnerabilities (3017301) - Mac OS X
This host is missing a critical security update according to Microsoft Bulletin MS14-081. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Apple Mac OS X Multiple Vulnerabilities -02 (Sep 2014)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability
No description provided by source. Application: CYME Power Engineering Software Platforms: Windows Version: CYME version 5.0.12.663. Secunia: SA48430 PRL: 2012-29 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2...
XnView 1.98.8 GIF Image Processing Heap Overflow
No description provided by source. Application: XnView GIF Image Processing Heap Overflow Platforms: Windows Secunia: SA48666 PRL: 2012-18 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Report Timeline 3...
GOM Media Player Denial of Service Vulnerability (Jun 2014) - Windows
GOM Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle Linux 5 : gstreamer-plugins-good (ELSA-2009-0271)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0271 advisory. 0.10.9-1.el5.1 - Add patch for CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 Related: rhbz 483220 Tenable has extracted the preceding description block...
Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)
This host is installed with Apple iTunes and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbappleitunesmultvulnjun13macosx.nasl 6104 2017-05-11 09:03:48Z teissa $ Apple iTunes Multiple Vulnerabilities - June13 Mac OS X Authors: Thanga Prakash S Copyright: Copyright c 2013...
CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error
Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...
CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error
Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...
CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error
Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...
Cyme ChartFX Client Server Array Indexing
Application: CYME Power Engineering Software Platforms: Windows Version: CYME version 5.0.12.663. Secunia: SA48430 PRL: 2012-29 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Report Timeline 3 Technical details...
Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability
Exploit for windows platform in category dos / poc Application: CYME Power Engineering Software Platforms: Windows Version: CYME version 5.0.12.663. Secunia: SA48430 PRL: 2012-29 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1...
Cyme ChartFX Client Server - ActiveX Control Array Indexing
Cyme ChartFX Client Server - ActiveX Control Array Indexing Application: CYME Power Engineering Software Platforms: Windows Version: CYME version 5.0.12.663. Secunia: SA48430 PRL: 2012-29 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
RHEL 5 : tetex (RHSA-2012:1201)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1201 advisory. teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent...
Scientific Linux Security Update : gstreamer-plugins-good on SL5.x i386/x86_64
Multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary...
Scientific Linux Security Update : gstreamer-plugins on SL3.x, SL4.x i386/x86_64
An array indexing error was found in the GStreamer's QuickTime media file format decoding plug-in. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim...
XnView Multiple Image Decompression Heap Overflow Vulnerabilities (Windows)
This host has XnView installed and is prone to multiple heap based buffer overflow vulnerabilities. Vulnerabilities Insight: - Insufficient validation when decompressing SGI32LogLum compressed TIFF images. - Insufficient validation when decompressing SGI32LogLum compressed TIFF images where the...
XnView 1.98.8 - .gif Image Processing Heap Overflow
XnView 1.98.8 - .gif Image Processing Heap Overflow Application: XnView GIF Image Processing Heap Overflow Platforms: Windows Secunia: SA48666 PRL: 2012-18 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Report...