615 matches found
CVE-2008-2941
The hpssd message parser in hpssd.py in HP Linux Imaging and Printing HPLIP 1.6.7 allows local users to cause a denial of service process stop via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207...
hplip hpssd.py Denial-Of-Service parsing vulnerability
The hpssd message parser in hpssd.py in HP Linux Imaging and Printing HPLIP 1.6.7 allows local users to cause a denial of service process stop via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207...
Important: xorg-x11 security update
6.8.2-1.EL.33.0.1.0.1 - Add Enterprise Linux detection - Add XFree86-4.3.0-oracle-bug-report-address-update.patch 6.8.2-1.EL.33.0.1 - cve-2007-4568.patch: XFS Integer Overflow Vulnerability - cve-2007-5760.patch: XFree86-Misc Extension Invalid Array Index Vulnerability - cve-2007-5958.patch: Xorg...
security flaw
Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...
Malicious WMF files stored in Opera’s cache can infect Windows – Opera Security Advisories
Malicious WMF files stored in Opera’s cache can infect Windows – Opera Security Advisories OPCOM Team | January 13, 2006 Summary Windows Meta Files .wmf can contain executable code. A specially craftedWMF file can infect Microsoft Windows with malicious software when it is openedwith Windows’ own...
CURL-CVE-2005-4077 URL Buffer Overflow
libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...
CVE-2004-1013
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as 1 "bodyp", 2 "binaryp", or 3 "binaryp" that cause an index increment error that leads to an out-of-bounds memory corruption...
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command "bodyp" that is treated as a different command "body.peek" and causes an index increment error that leads to an out-of-bounds memory...
FreeBSD : ImageMagick -- EXIF parser buffer overflow (3)
The following package needs to be updated: ImageMagick %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgeeb1c12833e711d9a9e70001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
CVE-2004-0692
The XPM parser in the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693...
CVE-2004-0692
The XPM parser in the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693...
Multiple vendor SOAP server (XML parser) denial of service (DTD parameter entities)
/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...
Microsoft Internet Explorer 5/6 - MSXML XML File Parsing Cross-Site Scripting
source: https://www.securityfocus.com/bid/7938/info A vulnerability has been reported for the Microsoft Internet Explorer that may result in cross-site scripting attacks. If IE, using the MSXML parser, is unable to parse the requested XML file, it will display a parse error that also includes the...
[SECURITY] [DSA-130-1] memory allocation error in ethereal
Package: ethereal Vulnerability: remotely triggered memory allocation error Debian-specific: no Ethereal versions prior to 0.9.3 were vulnerable to an allocation error in the ASN.1 parser. This can be triggered when analyzing traffic using the SNMP, LDAP, COPS, or Kerberos protocols in ethereal...
ROS-2-1919
2.1919 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...