Lucene search
K

72 matches found

Exploit DB
Exploit DB
added 2009/09/14 12:0 a.m.45 views

FotoTagger 2.12.0.0 - '.XML' Buffer Overflow (PoC)

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """ :::::: :: :: :: :: :: :::: """ """ :: :: :: :: :::::: .. :::: :: """ """ ::::: ::: ::::: :: :: :: :: :: :::: """ """ :: :: :: :: : :: :: :: :: :: :: """ """ :::::: :: :: ::::: :: :::::: :: :: :::: rs.ir """ """ :: """ """ """...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2009/08/07 4:0 a.m.11 views

On the Twitter DDoS Attacks, Apple and Microsoft Patches

Threatpost editors Ryan Naraine and Dennis Fisher discuss the DDoS attacks against Twitter, Facebook and LiveJournal and delve into Apple’s Mac OS X patch and Microsoft’s Patch Tuesday plans. SHOW NOTES: UPDATE: Twitter Suffers DoS Attack Apple Warns of Mac Attack Risk via Image Files Microsoft...

2.8AI score
Exploits0References5
Fedora
Fedora
added 2008/04/01 9:38 p.m.41 views

[SECURITY] Fedora 7 Update: centerim-4.22.4-1.fc7.1

CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...

6.8CVSS3AI score0.04276EPSS
Exploits1
Fedora
Fedora
added 2008/04/01 9:38 p.m.42 views

[SECURITY] Fedora 8 Update: centerim-4.22.4-1.fc8

CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...

6.8CVSS3AI score0.04276EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/01/26 12:0 a.m.17 views

GLSA-200701-20 : Centericq: Remote buffer overflow in LiveJournal handling

The remote host is affected by the vulnerability described in GLSA-200701-20 Centericq: Remote buffer overflow in LiveJournal handling When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Impac...

7.5CVSS6.5AI score0.04173EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2007/01/24 12:0 a.m.27 views

Centericq: Remote buffer overflow in LiveJournal handling

Background Centericq is a text mode menu-driven and window-driven instant messaging interface. Description When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Impact An attacker could entice a...

7.5CVSS7AI score0.04173EPSS
Exploits1
seebug.org
seebug.org
added 2007/01/14 12:0 a.m.31 views

CenterICQ IJHook.CC远程缓冲区溢出漏洞

CenterICQ包含对LiveJournal的支持,如张贴日记,读取其他BLOG的RSS种子等其他功能。 CenterICQ存在缓冲区溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于SOURCE/src/hooks/ljhook.cc文件中: char buf512; ... iffindfriendof.begin, friendof.end, in-first == friendof.end friendof.pushbackin-first; if!foempty bd = string "http://" +...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2007/01/13 12:0 a.m.34 views

tk53-advisory-1.txt

======================================================================== TK53 Advisory 1 01/07/2007 - CenterICQ remote DoS buffer overflow in Livejournal handling ======================================================================== Authors: Lolek of TK53 , Roflek of TK53 Affected program:...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2007/01/10 12:28 a.m.16 views

CVE-2007-0160

Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...

7.5CVSS6.5AI score0.04173EPSS
Exploits1References1
Prion
Prion
added 2007/01/10 12:28 a.m.13 views

Stack overflow

Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...

7.5CVSS8.3AI score0.04173EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2007/01/10 12:0 a.m.31 views

CVE-2007-0160

Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...

7.8AI score0.04173EPSS
Exploits1References8
CVE
CVE
added 2007/01/10 12:0 a.m.51 views

CVE-2007-0160

CenterICQ (Centerim) versions 4.9.11–4.21.0 contain a stack-based buffer overflow in the LiveJournal handling code (hooks/ljhook.cc). When connecting to unofficial LiveJournal servers, an attacker can crash the client and potentially execute arbitrary code by adding the victim as a friend and sen...

7.5CVSS7.8AI score0.04173EPSS
Exploits1References8Affected Software1
securityvulns
securityvulns
added 2007/01/08 12:0 a.m.40 views

CenterICQ buffer overflow

Buffer overflow in LiveJournal support module...

7.5CVSS3.1AI score0.04173EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2007/01/08 12:0 a.m.29 views

[Full-disclosure] TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling

======================================================================== TK53 Advisory 1 01/07/2007 - CenterICQ remote DoS buffer overflow in LiveJournal handling ======================================================================== Authors: Lolek of TK53 [email protected], Roflek of TK53...

Exploits0
UbuntuCve
UbuntuCve
added 2006/02/01 2:2 a.m.25 views

CVE-2006-0496

Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...

4.3CVSS6.1AI score0.02606EPSS
Exploits1References1
Prion
Prion
added 2006/02/01 2:2 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...

4.3CVSS6.3AI score0.02606EPSS
Exploits1References10Affected Software2
NVD
NVD
added 2006/02/01 2:2 a.m.19 views

CVE-2006-0496

Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...

4.3CVSS5.7AI score0.02606EPSS
Exploits1References10
Cvelist
Cvelist
added 2006/02/01 2:0 a.m.27 views

CVE-2006-0496

Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...

5.7AI score0.02606EPSS
Exploits1References10
NVD
NVD
added 2005/12/21 11:3 a.m.17 views

CVE-2005-4454

Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote attackers to conduct cross-site scripting XSS attacks via a "" backslash within a "javascript" scheme in a style property such as "javas\cript", whic...

4.3CVSS5.8AI score0.02122EPSS
Exploits1References7
NVD
NVD
added 2005/12/21 11:3 a.m.12 views

CVE-2005-4455

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi...

5CVSS6.2AI score0.01041EPSS
Exploits0References2
Rows per page
Query Builder