DEBIAN-CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

DEBIAN-CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

CVE-2007-6150

The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values...

tomcat handling of cookie values

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the " character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks...

Design/Logic Flaw

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on 1 forward security and 2 backward security, related to use of eight...

CVE-2007-6043

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on 1 forward security and 2 backward security, related to use of eight...

CVE-2007-6043

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on 1 forward security and 2 backward security, related to use of eight...

CVE-2007-6043

CVE-2007-6043 concerns the CryptGenRandom generator on Windows 2000, which produces predictable values. The description states this can let context-dependent attackers weaken cryptographic mechanisms, demonstrated via attacks on forward and backward security related to the use of eight RC4 instan...

Stack overflow

Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the 1 Text, 2 EditSelText, 3 EditText, and 4 CellFontName property...

util-linux (u)mount doesn't drop privileges properly when calling helpers

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...

Input validation

Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads...

CVE-2007-4695

Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads...

CVE-2007-4695

Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads...

CVE-2007-4695

The CVE-2007-4695 issue affects Apple Mac OS X 10.4 through 10.4.10 and Mac OS X Server 10.4 through 10.4.10, where a WebCore input-validation flaw in HTML form handling may allow remote attackers to modify form field values via unknown vectors related to file uploads. The underlying defect is an...

DEBIAN-CVE-2006-7228

Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...

Design/Logic Flaw

Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for index.php with 1 a certain func parameter value; or 2 certain func, jid, page, and limit parameter values; which reveals the path in various error messages...

texinfo-poc.txt

--==+=============================================+==-- --==+ texinfo = 4.9 format string vuln PoC +==-- --==+=============================================+==-- DISCOVERED BY: Cody Rester WEBSITE: www.codyrester.com --==+=============================================+==-- TIMELINE:...