4011 matches found
Irix LPD tagprinter Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Irix LPD...
Firefox 3.5.3 3.0.14 Location bar spoofing via tall line-height Unicode characters
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property...
Opera 9 Configuration Overwrite
Opera web browser in versions HttpClients::OPERA, :uamaxver = "9.10", :osname = OperatingSystems::Match::WINDOWS, OperatingSystems::Match::LINUX , :javascript = true, :rank = ExcellentRanking, reliable cmd exec, cleans up after itself :vulntest = nil, def initializeinfo = superupdateinfoinfo,...
OpenJDK: Type1 font processing buffer overflow vulnerability
Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...
Firebird SQL op_connect_request main listener shutdown Vulnerability
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Firebird SQL opconnectrequest main listener shutdown vulnerability 1. Advisory Information Title: Firebird SQL opconnectrequest mai...
python: integer signedness error in the zlib extension module
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow...
python: integer signedness error in the zlib extension module
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow...
tomcat6 Denial-Of-Service with AJP connection
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and modjk load balancing are used, allows remote attackers to cause a denial of service application outage via a crafted request with invalid headers, related to temporary blocking of...
Dillo Png_datainfo_callback()函数整数溢出漏洞
BUGTRAQ ID: 35575 CVECAN ID: CVE-2009-2294 Dillo是运行在Unix平台上的轻量级浏览器。 Dillo的Pngdatainfocallback函数在解析内嵌了PNG图形的HTML页面时存在可最终导致堆溢出的整数溢出漏洞。如果攻击者在PNG图形中指定了超长的宽度和高度值,打开该图形就可以触发这个溢出,导致执行任意代码。 Dillo Project Dillo = 2.1 厂商补丁: Dillo Project ------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Firefox 2 and 3 Layout engine crash
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...
Firefox arbitrary code execution flaw
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...
OpenJDK Font processing vulnerability (6733336)
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
DEBIAN-CVE-2009-1251
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via an RX response containing more data than specified in a...
OpenJDK Font processing vulnerability (6733336)
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
acroread: multiple JBIG2-related security flaws
Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table...
Java Web Start BasicService displays local files in the browser
Unspecified vulnerability in the BasicService for Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted downloaded applications to cause local files to be displayed in the brows...
Java WebStart allows hidden code privilege escalation
Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...
OpenJDK Font processing vulnerability (6733336)
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
condor: buffer overflow in lookup_macro
Stack-based buffer overflow in the condor schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...