NTP Denial of Service Vulnerability (CNVD-2015-07183)

NTP is a network protocol that synchronizes the clocks of two computers by exchanging packets. NTP has a security vulnerability that allows a remote attacker to send Mode 6 MODECONTROL or Mode 7 MODEPRIVATE packets with large values to crash a background program...

php: use after free vulnerability in unserialize()

A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary code...

USN-2605-1 icu vulnerabilities

Pedro Ribeiro discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program...

GNU/Linux program crash analysis framework vulnerability to cause the kernel provide the right risk-vulnerability warning-the black bar safety net

Google security researcher Tavis Ormandy found for Ubuntu CVE-2 0 1 5-1 3 1 8apportand RedHat/CentOS/Fedora CVE-2 0 1 5-1 8 6 2 abrtsecurity vulnerabilities, apport and abrt are the GNU/Linux platform on which the automation program crash analysis framework of free software, Ubuntuapportand...

OpenSSL 'd2i_ECPrivateKey' Memory Misreference Vulnerability

OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. A memory misreference vulnerability exists in 'd2iECPrivateKey' in OpenSSL 'crypto/ec/ecasn1.c'. An attacker could exploit the...

FreeVimager Handles TIFF File Memory Corruption Vulnerability

FreeVimager is a photo editing software. FreeVimager handles a TIFF file memory corruption vulnerability that allows attackers to construct malformed TIFF files that can crash the program...

HanWang CoolPaint Drawing Software Memory Corruption Vulnerability

HanWang CoolPaint is a drawing software developed by HanWang Technology Co. Hanvon CoolPaint has an error in the image processing logic that could allow an attacker to exploit this vulnerability to crash the program...

By the Ghost vulnerability to cause“bloodshed”-vulnerability warning-the black bar safety net

0x00 background Recently a security company found the glibc gethostbyname buffer overflow vulnerability, the vulnerability is named ghost, the reason is glibc's Gethostbyname functions in processing incoming malformations of the domain information for parsing leads to heap overflow, numerous web...

Cisco NX-OS Software Local Denial of Service Vulnerability

Cisco NX-OS is a data center-class operating system that embodies modular design, perpetuity, and maintainability. A local denial of service vulnerability exists in the Cisco NX-OS software, which could be exploited by an attacker to launch a denial of service attack and cause a program crash...

HP OpenView OmniBack II 2.55/3.0/3.1 DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1015/info Multiple open connections to port 5555 can cause the HP OpenView OmniBack program to crash by consuming 100% CPU cycles. Closing the connections will not alleviate this problem, therefore a manual restart would ...

Apache Tomcat Multiple Vulnerabilities - 02 (Mar 2014)

Apache Tomcat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; ifdescription...

Wireshark RLC Dissector 'packet-rlc.c'拒绝服务漏洞

Bugtraq ID：66072 CVE ID：CVE-2014-2283 Wireshark（前称Ethereal）是一款非常流行的开源网络流量分析软件。 由于程序没有正确处理某些类型的数据包，攻击者可以利用漏洞是受影响程序崩溃。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/...

Boilsoft RM TO MP3 Converter 1.72 - .wav Crash (PoC)

Boilsoft RM TO MP3 Converter 1.72 - .wav Crash PoC Exploit Title: Boilsoft RM TO MP3 Converter 1.72 .wav - Crash POC Date: 21.11.2013 Exploit Author: Akin Tosunlar Software Link: http://www.boilsoft.net/download/rmtomp3.exe Version: 1.72 Probably old version of software and the LATEST version too...

Divx 6.8.2 Denial Of Service

!/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website:...

GLSA-201206-15 : libpng: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-15 libpng: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libpng: The embeddedprofilelen function in pngwutil.c does not check for negative values, resulting in a memory leak CVE-2009-5063. The...

PEamp Memory Corruption

/Title: PEamp .mp3 Memmory Corruption PoC Author: Ayrbyte Link: http:www.softpedia.com/get/Multimedia/Audio/Audio-Players/mp3player.shtml Versi: v1.02b Tested on: Windows 7 Fb: facebook.com/Ayrbyte Greetz To : all CREMY Family, and for all indonesian indonesian h4x0r ?? %% %% $$$$$ :: ;;;;;;;; ??...

Postfix -- memory corruption vulnerability

The Postfix SMTP server has a memory corruption error, when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN ANONYMOUS is not affected, but should not be used for other reasons. This memory corruption is known to result in a program crash SIGSEV...

Abac Karaoke 2.15 - Denial of Service

Abac Karaoke 2.15 - Denial of Service Exploit Title: Abac Karaoke 2.15 .mp3 , .wma DoS Date: 12 / 8 / 2010 Author: Oh Yaw Theng Software Link: http://www.topdownloads.net/software/abac-karaoke-build2218982.html?hl=&ia=0 Version: v2.15 Tested on: Windows XP SP 2 CVE : N / A Description : This is t...

Kwik Pay Payroll 4.10.3 - .zip Denial of Service

Kwik Pay Payroll 4.10.3 - .zip Denial of Service Exploit Title: Kwik Pay Payroll .zip DoS Date: April 1, 2010 Tested on: Windows XP SP3 Cost: 100.00 AU Author: anonymous Site: http://www.setfreesecurity.com File - Restore Database - Find Locate zip file Click the restore button at the bottom...

Streaming Audio Player 0.9 (skin) Local Stack Overflow PoC (SEH)

No description provided by source. Streaming Audio Player 0.9 txt Local Stack Overflow PoC Seh By: ThE g0bL!N my $crash="\x41" x 5000 ; just random openmyfile,'UI.txt' print myfile $crash; Usage: After Clicking On file Perl Copy TXT File on this Diredtory skin\default\ Then Run The Program Boom...