2876 matches found
php: exif_read_data crash on corrupted JPEG files
The exifreaddata function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service crash via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...
python off-by-one locale.strxfrm() (possible memory disclosure)
Off-by-one error in the PyLocalestrxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...
pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability
Secunia reports: A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to the use of vulnerable libpng code...
vim: arbitrary code execution in commands: K, Control-], g]
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...
CVE-2008-3931
javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2008-2666
Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safemode restrictions by creating a subdirectory named http: and then placing ../ dot dot slash sequences in an http URL argument to the 1 chdir or 2 ftok function...
Database system security vulnerability excavations-vulnerability warning-the black bar safety net
Today, in the virus raging, hacking the ubiquitous network environment where software security has become a concern of the topic. Traditional software security main concern is that the permissions and roles of management, such as access control or data confidentiality and integrity, such as...
Moderate: htdig security update
3:3.2.0b6-4 - CVE-2007-6110...
[SECURITY] Fedora 8 Update: tomboy-0.8.1-3.fc8
Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information y ou deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking...
BMP image parser vulnerability
The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...
Hack of the classic tutorial of buffer overflow and decryption(a)-vulnerability warning-the black bar safety net
The buffer overflow weakness was born in the 7 0's. Morris Worm8 0'scan be considered their first public application. From the 9 0's, related document, such as the famous Aleph1's”Smashing the Stack for Fun and Profit”and code has been on the Internet disclosed. This article is about some need to...
lighttpd -- FastCGI header overrun in mod_fastcgi
lighttpd maintainer reports: Lighttpd is prone to a header overflow when using the modfastcgi extension, this can lead to arbitrary code execution in the fastcgi application. For a detailed description of the bug see the external reference. This bug was found by Mattias Bengtsson and Philip Olaus...
krb5 kadmind uninitialized pointer
The kadm5modifypolicyinternal function in lib/kadm5/srv/svrpolicy.c in the Kerberos administration daemon kadmind in MIT Kerberos 5 krb5 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy"...
BMP image parser vulnerability
The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...
WebCalendar -- "noSet" variable overwrite vulnerability
Secunia reports: A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite...
CVE-2007-0387
SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 comweblinks allows remote attackers to execute arbitrary SQL commands via the catid parameter...
SAP Internet Graphics Server远程缓冲区溢出漏洞
SAP Internet Graphics Server是SAP R/3企业环境的一个组件,可提供图形服务。 SAP Internet Graphics Server不正确处理用户提交的HTTP请求,远程攻击者可以利用漏洞进行缓冲区溢出攻击,可能以进程权限执行任意指令。 目前没有详细漏洞细节提供,成功利用漏洞可导致在UNIX系统下获得SAP系统管理员特权,而在windows下可导致获得SYSTEM权限。 SAP Internet Graphics Server 6.40 Patch 11 SAP Internet Graphics Server 6.40 SAP Internet...
security flaw
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...
security flaw
Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...
IDS evasion techniques and countermeasures detailed description-vulnerability warning-the black bar safety net
In the network thriving for a few days, the network security issues become increasingly prominent. Network on the Black, White two in the network security of the various fields are engaged in a fierce competition. The black hat community and constantly launch Dodge or across the networkintrusion...