842 matches found
Audacity '.aup'项目文件解析缓冲区溢出漏洞
BUGTRAQ ID: 33160 CNCAN ID:CNCAN-2009010801 Audacity是一款数码音效处理程序。 Audacity处理'.aup'文件存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建包含超长字符的'.aup'文件,诱使用户使用Audacity导入,可导致以应用程序权限执行任意指令。 Audacity 1.6.2 厂商解决方案 目前没有详细解决方案提供: http://audacity.sourceforge.net/ http://www.sebug.net/exploit/5573/...
RadASM .rap项目文件缓冲区溢出漏洞
BUGTRAQ ID: 32617 RadASM是一款WIN32汇编编辑器,支持MASM、TASM等多种汇编编译器。 如果用户受骗使用RadASM打开了恶意的.rap项目文件并通过Group密钥向缓冲区提供了超长输入的话,就可能触发缓冲区溢出,导致覆盖内存中存储的WindowCallProcA指针并执行任意代码。 Ketil O RadASM 2.2.1.4 Ketil O ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.radasm.com/...
radasm-hijack.txt
!/usr/bin/perl RadAsm Building poc.rap..\n"; print "- poc.rap Created have unf :\n"; win32exec - EXITFUNC=process CMD=calc.exe Size=351 Encoder=PexAlphaNum http://metasploit.com my $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...
Heap overflow
Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...
CVE-2008-5050
Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...
CVE-2008-5050
Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...
ClamAV get_unicode_name() off-by-one buffer overflow
----------------------------------------------------------------- ClamAV getunicodename off-by-one buffer overflow Copyright c 2008 Moritz Jodeit [email protected] 2008/11/08 ----------------------------------------------------------------- Application details: From http://www.clamav.net/: "Clam...
Design/Logic Flaw
PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to cause a denial of service infinite loop and resource consumption via a malformed WDP project file...
CVE-2007-3480
PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to cause a denial of service infinite loop and resource consumption via a malformed WDP project file...
CVE-2007-3479
Stack-based buffer overflow in PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file...
Stack overflow
Stack-based buffer overflow in PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file...
CVE-2007-3479
Stack-based buffer overflow in PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file...
CVE-2007-3480
CVE-2007-3480 affects PCSoft WinDEV 11, where the WDP project file handling is vulnerable to a denial of service via a malformed WDP project file. The issue enables user‑assisted remote attackers to trigger an infinite loop and increased resource consumption. The provided connected documents conf...
CVE-2007-3479
PCSoft WinDEV 11 is affected by a stack-based buffer overflow in the handling of the "used DLL" field within a WDP project file. The vulnerability allows a user-associated (user-assisted) remote attacker to execute arbitrary code by supplying a sufficiently long string in the affected field, as d...
Stack overflow
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project .HPJ file with a long HLP field in the OPTIONS section...
CVE-2006-0187
CVE-2006-0187 concerns Microsoft Visual Studio 2005, where code in the Load event of a user-defined control (UserControl1_Load) runs automatically by design. This behavior could let a user-assisted attacker execute arbitrary code by tricking a user into opening a malicious Visual Studio project f...
CVE-2006-0187
By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control UserControl1Load function, which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file...
Microsoft Visual Studio - UserControl Remote Code Execution (1)
Microsoft Visual Studio - UserControl Remote Code Execution 1 source: https://www.securityfocus.com/bid/16225/info Microsoft Visual Studio is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue stems from a design flaw that executes code contained in a...
Microsoft Visual Studio - UserControl Remote Code Execution (2)
Microsoft Visual Studio - UserControl Remote Code Execution 2 source: https://www.securityfocus.com/bid/16225/info Microsoft Visual Studio is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue stems from a design flaw that executes code contained in a...
Microsoft Visual Studio - UserControl Remote Code Execution (2)
source: https://www.securityfocus.com/bid/16225/info Microsoft Visual Studio is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue stems from a design flaw that executes code contained in a project file without first notifying users. Exploiting this...