72 matches found
FotoTagger 2.12.0.0 - '.XML' Buffer Overflow (PoC)
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """ :::::: :: :: :: :: :: :::: """ """ :: :: :: :: :::::: .. :::: :: """ """ ::::: ::: ::::: :: :: :: :: :: :::: """ """ :: :: :: :: : :: :: :: :: :: :: """ """ :::::: :: :: ::::: :: :::::: :: :: :::: rs.ir """ """ :: """ """ """...
On the Twitter DDoS Attacks, Apple and Microsoft Patches
Threatpost editors Ryan Naraine and Dennis Fisher discuss the DDoS attacks against Twitter, Facebook and LiveJournal and delve into Apple’s Mac OS X patch and Microsoft’s Patch Tuesday plans. SHOW NOTES: UPDATE: Twitter Suffers DoS Attack Apple Warns of Mac Attack Risk via Image Files Microsoft...
[SECURITY] Fedora 7 Update: centerim-4.22.4-1.fc7.1
CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...
[SECURITY] Fedora 8 Update: centerim-4.22.4-1.fc8
CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...
GLSA-200701-20 : Centericq: Remote buffer overflow in LiveJournal handling
The remote host is affected by the vulnerability described in GLSA-200701-20 Centericq: Remote buffer overflow in LiveJournal handling When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Impac...
Centericq: Remote buffer overflow in LiveJournal handling
Background Centericq is a text mode menu-driven and window-driven instant messaging interface. Description When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Impact An attacker could entice a...
CenterICQ IJHook.CC远程缓冲区溢出漏洞
CenterICQ包含对LiveJournal的支持,如张贴日记,读取其他BLOG的RSS种子等其他功能。 CenterICQ存在缓冲区溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于SOURCE/src/hooks/ljhook.cc文件中: char buf512; ... iffindfriendof.begin, friendof.end, in-first == friendof.end friendof.pushbackin-first; if!foempty bd = string "http://" +...
tk53-advisory-1.txt
======================================================================== TK53 Advisory 1 01/07/2007 - CenterICQ remote DoS buffer overflow in Livejournal handling ======================================================================== Authors: Lolek of TK53 , Roflek of TK53 Affected program:...
CVE-2007-0160
Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...
Stack overflow
Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...
CVE-2007-0160
Stack-based buffer overflow in the LiveJournal support hooks/ljhook.cc in CenterICQ 4.9.11 through 4.21.0, when using unofficial LiveJournal servers, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by adding the victim as a friend and using long 1...
CVE-2007-0160
CenterICQ (Centerim) versions 4.9.11–4.21.0 contain a stack-based buffer overflow in the LiveJournal handling code (hooks/ljhook.cc). When connecting to unofficial LiveJournal servers, an attacker can crash the client and potentially execute arbitrary code by adding the victim as a friend and sen...
CenterICQ buffer overflow
Buffer overflow in LiveJournal support module...
[Full-disclosure] TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling
======================================================================== TK53 Advisory 1 01/07/2007 - CenterICQ remote DoS buffer overflow in LiveJournal handling ======================================================================== Authors: Lolek of TK53 [email protected], Roflek of TK53...
CVE-2006-0496
Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...
Cross site scripting
Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...
CVE-2006-0496
Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...
CVE-2006-0496
Cross-site scripting XSS vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding Cascading Style Sheets CSS property, which does not...
CVE-2005-4454
Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote attackers to conduct cross-site scripting XSS attacks via a "" backslash within a "javascript" scheme in a style property such as "javas\cript", whic...
CVE-2005-4455
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi...