5694 matches found
VMCPlayer 1.0 Denial Of Service
done by BraniX www.hackers.org.pl found: 2011.03.22 published: 2011.03.22 tested on: Windows XP SP3 Home Edition App: VMCPlayer 1.0 App Url: http://files.videomobileconverter.com/vmcplayer.exe VMCPlayer.exe MD5: 8a98ffbb404731f8f5ffbf3eaf30a327 VMCPlayer can be DoS'ed in two or probably more ways...
phpcms 2 0 0 8 sp4 explosive paths and arbitrary file deletion vulnerabilities and fixes-vulnerability warning-the black bar safety net
phpcms 2 0 0 8 sp4 explosive paths and arbitrary file deletion vulnerability and fix Affected versions: phpcms 2 0 0 8 sp4 Official address: www.phpcms.cn Vulnerability type: explosive paths and arbitrary file deletion Vulnerability Description: a certain page, not as fault-tolerant processing...
SuSE 10 Security Update : cvs (ZYPP Patch Number 7302)
cvs fails with 'invalid pathname' error when using relative paths. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid51638; scriptversion"1.7...
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)
This host is missing a critical security update according to Microsoft Bulletin MS07-066. OpenVAS Vulnerability Test $Id: gbms07-066.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerability in Windows Kernel Could Allow Elevation of Privilege 943078 Authors: Madhuri D Copyright: Copyright c 2011...
subversion: revision properties disclosure to user with partial access
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information revision properties via svn 1 propget, 2 proplist, or 3 propedit...
Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)
Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...
nSense-2010-004: Sybase Afaria
nSense Vulnerability Research Security Advisory NSENSE-2010-004 --------------------------------------------------------------- Affected Vendor: SAP Affected Product: Sybase Afaria 6.0 Platform: Windows Impact: User assisted code execution via CSRF Vendor response: Patch CVE: None Credit: Knud...
Sybase Afaria 6.0 Cross Site Request Forgery
nSense Vulnerability Research Security Advisory NSENSE-2010-004 --------------------------------------------------------------- Affected Vendor: SAP Affected Product: Sybase Afaria 6.0 Platform: Windows Impact: User assisted code execution via CSRF Vendor response: Patch CVE: None Credit: Knud...
Вышел PHP 5.3.4
ChangeLog Выпуск новой версии не был бы настолько примечателен, если бы не следующая строчка в ченджлоге: Цитата: Paths with NULL in them foo\0bar.txt are now considered as invalid. Rasmus --- Видимо усечение пути нулл-байтом теперь останется в прошлом. Решение проблемы на примере функции file: S...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS : quagga vulnerabilities (USN-1027-1)
It was discovered that Quagga incorrectly handled certain Outbound Route Filtering ORF records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. The default compiler options for Ubuntu 8.04 LTS and later should reduce the...
GVim may insecurely load dynamic libraries
Overview GVim may use unsafe methods for determining how to load DLLs. GVim is a text editor. GVim loads certain DLL's when TXT files are opened. GVim contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Makoto Shiotsuki reported this vulnerability t...
Multiple Yokka provided products may insecurely load executable files
Overview Multiple products provided by Yokka may use unsafe methods for determining how to load executables .exe. Multiple products provided by Yokka such as text editors, contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerabili...
[SECURITY] [DSA-2104-1] New quagga packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2104-1 [email protected] http://www.debian.org/security/ Florian Weimer September 06, 2010 http://www.debian.org/security/faq -...
CVE-2010-2949
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unknown AS type in an AS path attribute in a BGP UPDATE message...
Null pointer dereference
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unknown AS type in an AS path attribute in a BGP UPDATE message...
CVE-2010-2949
Removed by vendor...
CVE-2010-2949
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unknown AS type in an AS path attribute in a BGP UPDATE message...
Debian DSA-2104-1 : quagga - several vulnerabilities
Several remote vulnerabilities have been discovered in the BGP implementation of Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2948 When processing a crafted Route Refresh message received from a configured, authenticated...
μTorrent (uTorrent) 2.0.3 - DLL Hijacking
μTorrent uTorrent 2.0.3 - DLL Hijacking Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and plac...
μTorrent (uTorrent) 2.0.3 - DLL Hijacking
Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in the utorrent.exe directory, the...