236 matches found
UBUNTU-CVE-2014-9652
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...
Design/Logic Flaw
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing in a PHP format request, which causes the string length...
25 bytes execve("/bin/sh") shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 25 bytes execve/bin/sh shellcode Platform: Linux x86 execve/bin/sh, 0, 0; gcc -Wl,-z,execstack filename.c shellcode:...
CVE-2012-5855
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...
Design/Logic Flaw
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...
UBUNTU-CVE-2012-5855
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...
CVE-2012-5855
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...
Apple QuickTime TeXML Color String Parsing Buffer Overflow - Improved Performance (CVE-2012-0663)
A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient validation of a string length when processing certain elements inside QuickTime TeXML files. A remote attacker can exploit this issue by enticing a target user to open a specially...
CVE-2013-2478
The dissectserverinfo function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service application crash via a malformed packet that 1...
Apple QuickTime TeXML Color String Parsing Buffer Overflow (CVE-2012-0663)
A stack buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to insufficient validation of a string length when processing certain elements inside QuickTime TeXML files. A remote attacker can exploit this issue by enticing a target user to open a specially...
CVE-2012-2330
The Update method in src/nodehttpparser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information request header contents and possibly spoof HTTP headers via a zero length string...
Interactive Data eSignal Stack Buffer Overflow (CVE-2011-3494)
A stack buffer overflow vulnerability exists in Interactive Data eSignal. The vulnerability is due to insufficient string length validation when copying input into a fixed size stack buffer in certain file types.A remote attacker may exploit this issue by enticing a target user to open a speciall...
Memory corruption
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability." NOTE: some of these details are obtained from third party information...
Shockwave Player <= 11.5.1.601 Multiple Vulnerabilities (APSB09-16)
The remote Windows host contains a version of Adobe's Shockwave Player that is 11.5.1.601 or earlier. As such, it is affected by multiple issues : - An invalid index vulnerability could lead to code execution. CVE-2009-3463 - Invalid pointer vulnerabilities could lead to code execution...
Mandrake Security Advisory MDVSA-2009:126 (eggdrop)
The remote host is missing an update to eggdrop announced via advisory MDVSA-2009:126. OpenVAS Vulnerability Test $Id: mdksa2009126.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:126 eggdrop Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 9 FEDORA-2009-5568 (eggdrop)
The remote host is missing an update to eggdrop announced via advisory FEDORA-2009-5568. OpenVAS Vulnerability Test $Id: fcore20095568.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5568 eggdrop Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora 10 : eggdrop-1.6.19-4.fc10 (2009-5572)
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...
CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...
DEBIAN-CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...
CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...