5302 matches found
CVE-2014-4611
CVE-2014-4611 concerns an integer overflow in the LZ4 implementation used in Yann Collet LZ4 prior to r118 and in the Linux kernel’s lz4_decompress.c (linux kernel before 3.15.2) on 32-bit platforms. A crafted Literal Run can trigger improper handling, enabling context-dependent attackers to caus...
CVE-2014-4611
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...
CVE-2014-4611
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...
The LZO/LZ4 Integer Overflow Summary
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...
CVE-2014-4611
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...
HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server has an implementation of the OpenSSL library that is affected by the following vulnerabilities : - An error exists in the ssl3readbytes function that allows data to be injected...
OpenDrive <= 1.3.141 Local Password Disclosure
No description provided by source. / Title: OpenDrive = 1.3.141 Local Password Disclosure Authors: Glafkos Charalambous, George Nicolaou Contact: glafkosatastalavistadotcom, ishtusatastalavistadotcom Version: 1.3.141 Vendor: http://www.opendrive.com Description: Authentication credentials used by...
Invision Power Board <= 2.3.5 - Remote SQL Injection Exploit
No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB = 2.3.5 sql injection exploit // Version 1.0 // written by Janek Vind waraxe // Estoni...
Computer Associates Unicenter Asset Manager Stored Secret Data Decryption Weakness
No description provided by source. source: http://www.securityfocus.com/bid/7808/info It has been reported that Unicenter Asset Manager stores password information in a way that may be easily recovered. Because of this, an attacker may be able to gain access to potentially sensitive resources...
QSSL QNX 4.25 A crypt() Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1114/info A design error in the operation of the crypt3 function exists in QNX, from QNX System Software, Limited QSSL. The flaw allows the recovery of passwords from the hashes. On most Unix variants, crypt3 is based on ...
Perl2Exe 1.0 9/5.0 2/6.0 Code Obfuscation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the encrypt option is selected. Those who use Perl2Exe with the expectation that the...
OracleAS TopLink Mapping Workbench Weak Encryption Algorithm Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9515/info OracleAS TopLink Mapping Workbench is a tool included with OracleAS TopLink, a Java-based database integration development framework that is included as a component of various Oracle Application Server releases...
Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/519/info The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and depends on...
Soldier of Fortune 2 <= 1.03 "cl_guid" - Server Crash
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include time.h / Quake 3 engine Huffman algorithm 0.2 ALL the code comes from the Q3fusion project of Andrey Nazarov: http://sourceforge.net/projects/q3fusion/ I have simply modified some...
Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 Weak Password Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/880/info IMail keeps the encrypted passwords for email accounts in a registry key, HKLM\SOFTWARE\Ipswitch\Imail\Domains\DomainName\Users\UserName, in a string value called Password. The encryption scheme used is weak and...
Quinn "the Eskimo" and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/546/info Internet Config is a third-party freeware utility for MacOS. It provides a means of centralizing frequently-required connection information, including passwords, for use by several programs. The passwords are...
MD5 Message Digest Algorithm Hash Collision Weakness
No description provided by source. source: http://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same...
PassWD 1.2 Weak Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1300/info PassWd 1.2 is a password management utility designed to store user login information to various URLs. The login information, which includes username, password and link location is stored in the pass.dat file whi...
FlashFXP 1.4 User Password Encryption Weakness
No description provided by source. source: http://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for...
Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
No description provided by source. / Copyright 2004 Luigi Auriemma This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later...