ROS-2-1489

2.1489 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)

A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...

TigerVNC: User-assisted execution of arbitrary code

Background TigerVNC is a high-performance VNC server/client. Description Two boundary errors in TigerVNC could lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to connect to a malicious VNC server using TigerVNC, possibly resulting in execution of arbitrary code...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

Adobe Reader Multiple Vulnerabilities (Feb 2008) - Windows

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Mozilla Firefox Multiple Vulnerabilities-01 (Mar 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Apple QuickTime Multiple Vulnerabilities (Jun 2013) - Windows

QuickTime Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:quicktime";...

Measuresoft ScadaPro Multiple Security Vulnerabilities

Measuresoft ScadaPro SCADA Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ModPlug: User-assisted execution of arbitrary code

Background ModPlug is a library for playing MOD-like music. Description Multiple vulnerabilities have been found in ModPlug: The ReadS3M method in loads3m.cpp fails to validate user-supplied information, which could cause a stack-based buffer overflow CVE-2011-1574. The "CSoundFile::ReadWav"...

GLSA-201203-10 : libmikmod: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201203-10 libmikmod: User-assisted execution of arbitrary code Multiple boundary errors have been found in loadit.c in libmikmod, which may cause a buffer overflow. Impact : A remote attacker could entice a user to open specially...

libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)

This update of libmodplug0 fixes the following issues: 1 An integer overflow error exists within the "CSoundFile::ReadWav" function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WA...

7T Interactive Graphical SCADA System File Operations Buffer Overflows (CVE-2011-1567; CVE-2011-4050)

7-Technologies' IGSS is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. Multiple buffer overflow vulnerabilities have been reported in 7T Interactive Graphical SCADA System IGSS. The vulnerability is due to boundary errors in the...

SigPlus Pro ActiveX Control < 4.29 Multiple Vulnerabilities

The SigPlus Pro ActiveX control, used for electronic signature integration with Topaz signature pads and installed on the remote Windows host, is earlier than 4.29. Such versions reportedly are affected by the following vulnerabilities : - The 'SetLogFilePath' method allows creation of a log file...

OpenSC < 0.12.0 Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities - Windows

OpenSC is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerability in Windows Media File Format Could Allow Remote Code Execution

This host is missing a critical security update according to Microsoft Bulletin MS07-068. OpenVAS Vulnerability Test $Id: gbms07-068.nasl 5863 2017-04-05 07:38:11Z antu123 $ Vulnerability in Windows Media File Format Could Allow Remote Code Execution Authors: Madhuri D Copyright: Copyright c 2011...

Vulnerability in Windows Media File Format Could Allow Remote Code Execution

This host is missing a critical security update according to Microsoft Bulletin MS07-068. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

RealWin SCADA System Buffer Overflow Vulnerabilities

This host is running RealWin SCADA system and is prone to buffer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealwinscadabofvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ RealWin SCADA System Buffer Overflow Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone...

ShixxNOTE 6.net - Font Field Overflow (Metasploit)

$Id: shixxnotefont.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

BitDefender Antivirus PDF Processing Memory Corruption (CVE-2008-5409)

There exists a memory corruption vulnerability in multiple BitDefender products. The vulnerability is due to boundary errors within the BitDefender PDF Scanner plugin pdf.xmd. A remote attacker can exploit this vulnerability by delivering a crafted PDF file to the vulnerable system, potentially...