1104 matches found
CVE-2009-3084
The msnslpprocessmsg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service application crash via a handwritten aka Ink message, related to an uninitialized variabl...
DEBIAN-CVE-2009-3084
The msnslpprocessmsg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service application crash via a handwritten aka Ink message, related to an uninitialized variabl...
CVE-2009-3084
The msnslpprocessmsg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service application crash via a handwritten aka Ink message, related to an uninitialized variabl...
Discuz! < 5.50论坛preg_match()函数未初始化$onlineipmatches变量漏洞
Discuz!是一款华人地区非常流行的Web论坛程序。 在Discuz!论坛的include/common.inc.php文件中: $magicquotesgpc = getmagicquotesgpc; @extractdaddslashes$COOKIE; @extractdaddslashes$POST; @extractdaddslashes$GET; //覆盖变量,这里我们可以覆盖$SERVER if!$magicquotesgpc $FILES = daddslashes$FILES; ..... ifgetenv'HTTPCLIENTIP' &&...
LxBlog V6变量未初始化漏洞
Lxblog 是 PHPWind 开发的一套基于 PHP+MySQL 数据库平台架构的多用户博客系统,强调整站与用户个体间的交互,拥有强大的个人主页系统、独立的二级域名体系、灵活的用户模板系统、丰富的朋友圈和相册功 能。但是该blog系统在安全性上并不让人满意,本文就来分析lxblog一个变量未初始化造成的sql注入漏洞。 LxBlog V6 在数据库查询语句前面将变量$itemtype赋值为指定的数组就可以了。 =======================poc==================================...
Design/Logic Flaw
The Hash-based Message Authentication Code HMAC provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."...
Denial of service
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
DEBIAN-CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
CVE-2008-3688
sockethandler.cpp in HTTP Antivirus Proxy HAVP 0.88 allows remote attackers to cause a denial of service hang by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable...
PT-2008-5050 · Havp · Http Antivirus Proxy
Name of the Vulnerable Software and Affected Versions: HTTP Antivirus Proxy HAVP version 0.88 Description: The issue allows remote attackers to cause a denial of service by connecting to a non-responsive server, triggering an infinite loop due to an uninitialized variable. This occurs in the...
Design/Logic Flaw
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document, related to an uninitialized variable...
CVE-2008-1031
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document, related to an uninitialized variable...
CVE-2008-1031
CVE-2008-1031 : The Mac OS X CoreGraphics component (Mac OS X
Debian Security Advisory DSA 153-1 (mantis)
The remote host is missing an update to mantis announced via advisory DSA 153-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...