1247 matches found
cdp buffer overflow
Buffer overflow on oversized CD track name...
cdp buffer overflow vulnerability
Product: cdp - console cd player Versions: All Bug: Buffer overflow Impact: Attackers can execute arbitrary code Risk: Medium/High Date: March 31, 2004 Author: Shaun Colley Email: shaunige yahoo co uk WWW: http://www.nettwerked.co.uk Introduction cdp is... "cdp is a program that plays CDs at the...
Microsoft Internet Information Server (IIS) vulnerable to cross-site scripting via HTTP TRACK method
Overview Microsoft Internet Information Server IIS servers support a HTTP method called TRACK. The HTTP TRACK method returns the contents of client HTTP requests in the entity-body of the TRACK response. This behavior could be leveraged by attackers to access sensitive information, such as cookie...
Microsoft IIS 5.0 - Failure To Log Undocumented TRACK Requests
source: https://www.securityfocus.com/bid/9313/info A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to enumerate server banners. TRACK / HTTP/1...
Microsoft IIS 5.0 - Failure To Log Undocumented TRACK Requests
Microsoft IIS 5.0 - Failure To Log Undocumented TRACK Requests source: https://www.securityfocus.com/bid/9313/info A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this...
NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/8567/info Winamp MIDI plugin, INMIDI.DLL has been reported prone to a buffer overflow issue when handling malicious MIDI files. The issue presents itself when a malicious value is passed as the Track Data Size of a malicious MIDI file header. Although...
Microsoft Windows DirectX MIDI library does not adequately validate MThd track values in MIDI files
Overview A Microsoft Windows DirectX library, quartz.dll, does not properly validate the number of tracks value in Musical Instrument Digital Interface MIDI files. An attacker could exploit this vulnerability to execute arbitrary code or crash any application using the library, causing a denial o...