ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability

ZDI-08-067: Apple CUPS 1.3.7 HP-GL/2 filter Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-067 October 9, 2008 -- CVE ID: CVE-2008-3641 -- Affected Vendors: Apple -- Affected Products: Apple OS X -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

CVE-2008-3641

The Hewlett-Packard Graphics Language HPGL filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory...

CVE-2008-3641

The Hewlett-Packard Graphics Language HPGL filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory...

Design/Logic Flaw

The Hewlett-Packard Graphics Language HPGL filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory...

CVE-2008-3641

Summary (CVE-2008-3641): The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 is vulnerable. A remote attacker can craft pen width and pen color opcodes that overwrite memory, enabling arbitrary code execution on affected systems. Public sources reference this CVE as part of m...

Apple CUPS HP-GL/2 Filter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and p...

Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit

No description provided by source. / etherealv0.10.: AFP remote format string exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xethereal-afp-fmt.c -o xethereal-afp-fmt ethereal homepage/url: http://www.ethereal.com syntax: ./xethereal-afp-fmt -spSrPanc -h host vulnerable...

CVE-2008-3158

Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory...

EUVD-2008-3148

Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory...

CVE-2008-1451

The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."...

CVE-2008-1451

The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."...

CVE-2008-0322

The I2O Utility Filter driver i2omgmt.sys 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\.\I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute code via an IOCTL call...

PT-2008-1956 · Microsoft · Windows Xp

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP Description: The issue allows local users to gain privileges by exploiting the I2O Utility Filter driver, which sets Everyone/Write permissions for the ".I2OExc" device interface. This can be leveraged to overwrite...

SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)

Specially crafted png files could overwrite arbitrary memory. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-1382 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

openSUSE 10 Security Update : libpng (libpng-5180)

Specially crafted png files could overwrite arbitrary memory. Attackers could potentially exploit that to execute arbitrary code CVE-2008-1382. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Integer overflow

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...

CVE-2008-1558

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...

CVE-2008-1471

The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service system crash or kernel panic, overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory...

CVE-2008-1471

The CVE-2008-1471 issue affects Panda Security products using the cpoint.sys kernel driver (Panda Internet Security 2008 and Antivirus+ Firewall 2008). A crafted IOCTL request can trigger an out-of-bounds write in kernel memory, enabling a local attacker to cause a denial of service (system crash...

GLSA-200803-13 : VLC: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-13 VLC: Multiple vulnerabilities Multiple vulnerabilities were found in VLC: Michal Luczaj and Luigi Auriemma reported that VLC contains boundary errors when handling subtitles in the ParseMicroDvd, ParseSSA, and ParseVplay...