7 matches found
Type Confusion
socket.io-parser is vulnerable to type confusion. It is possible to overwrite the placeholder object due to improper type validation of attachment parsing in the reconstructPacket function, which allows an attacker to place references to functions at arbitrary places in the resulting query object...
CVE-2022-2421
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object...
Input validation
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object...
CVE-2022-2421 Socket.io - Improper type validation in attachment parsing
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object...
CVE-2022-2421 Socket.io - Improper type validation in attachment parsing
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object...
CVE-2022-2421
CVE-2022-2421 : The vulnerability arises from improper type validation in the Socket.io attachment parsing, allowing overwriting of the _placeholder object and potentially placing function references in the resulting query object. In IBM App Connect Enterprise Certified Container, this could enab...
Symantec Mail Security for SMTP可执行程序附件解析拒绝服务漏洞
BUGTRAQ ID: 24625 CVECAN ID: CVE-2007-1792 Symantec Mail Security for SMTP是用于扫描邮件的反垃圾邮件、杀毒和内容过滤软件包。 Mail Security的SMS Filter Hub服务没有正确地解析邮件附件中的可执行程序,如果攻击者发送了恶意邮件的话就可能导致无法处理的访问破坏,服务会周期性的拒绝邮件。 Symantec Mail Security for SMTP 5.0.1 Symantec Mail Security for SMTP 5.0 Symantec Mail Security Appliance...