CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execu...

PT-2010-2246 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through 2000 SP4 Microsoft Windows versions XP SP2 through XP SP3 Microsoft Windows versions Server 2003 SP2 Microsoft Windows versions Vista SP1 through Vista SP2 Microsoft Windows versions Server 2008 Gol...

Debian Security Advisory DSA 2023-1 (curl)

The remote host is missing an update to curl announced via advisory DSA 2023-1. OpenVAS Vulnerability Test $Id: deb20231.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2023-1 curl Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

curl: zlib-compression causes curl to pass more than CURL_MAX_WRITE_SIZE bytes to write callback

contentencoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service application crash or have unspecified othe...

curl: zlib-compression causes curl to pass more than CURL_MAX_WRITE_SIZE bytes to write callback

contentencoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service application crash or have unspecified othe...

Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callba...

cURL/libcURL CURLOPT_ENCODING选项缓冲区溢出漏洞

BUGTRAQ ID: 38162 cURL是命令行传输文件工具，支持FTP、FTPS、HTTP、HTTPS、GOPHER、TELNET、DICT、FILE和LDAP。 在下载数据时，libcurl库使用客户端软件所注册的回调函数将数据传送给应用程序，在完成传输之前会反复的调用该函数。回调函数可接收的最大数据大小为16K（CURLMAXWRITESIZE）。 在HTTP上使用libcurl库下载压缩的内容时应用程序可以要求libcurl自动解压数据。而解压期间libcurl可能错误的向回调函数发送最多可为64K的数据，因此盲目信任libcurl的最大缓冲区限制的应用可能会出现缓冲区溢出。...

CVE-2010-0425

modules/arch/win32/modisapi.c in modisapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapiunload for an ISAPI .dll module, which allows remote attackers ...

CURL-CVE-2010-0734 data callback excessive length

When downloading data, libcurl hands it over to the application using a callback that is registered by the client software. libcurl then calls that function repeatedly with data until the transfer is complete. The callback is documented to receive a maximum data size of 16K CURLMAXWRITESIZE. Usin...

VulnCheck KEV: CVE-2008-2042

The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function...

phpwind 7.5 api/class_base.php Include Vulnerabilities

PHPWind 论坛系统 是一套采用 php+mysql 数据库 方式运行并可生成 html 页面的全新且完善的强大系统。因具有非凡的访问速度和卓越的负载能力而深受国内外朋友的喜爱。 api/classbase.php文件里callback函数里$mode变量没有过滤导致任意包含本地文件,从而可以执行任意PHP命令. api/classbase.php文件里: function callback$mode, $method, $params if !isset$this-classdb$mode if !fileexistsRP.'api/class' . $mode . '.php'...

Mac OS X : Apple Safari < 4.0.4

The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0.4. As such, it is potentially affected by several issues : - Multiple use-after-free issues exist in libxml2, the most serious of which could lead to a program crash. CVE-2009-2414, CVE-2009-2416 - An issue in t...

Adobe Acrobat < 8.1.2 / 7.1.0 Multiple Vulnerabilities

The version of Adobe Acrobat installed on the remote host is earlier than 8.1.2 or 7.1.0. Such versions are reportedly affected by multiple vulnerabilities : - A design error vulnerability may allow an attacker to gain control of a user's printer. - Multiple stack-based buffer overflows may allow...

WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution

WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution ============================================================ Wordpress Plugin WP-Syntax Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0...

RedHat Security Advisory RHSA-2009:1132

The remote host is missing updates to the Linux kernel announced in advisory RHSA-2009:1132. These updated packages fix the following security issues: a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across...

kernel: xen: local denial of service

The hypervisorcallback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service kernel oops of the guest OS by triggering a segmentation fault in "certain address ranges."...

kernel: xen: local denial of service

The hypervisorcallback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service kernel oops of the guest OS by triggering a segmentation fault in "certain address ranges."...

CVE-2008-6404

Cross-site scripting XSS vulnerability in addcalendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

linux/x86 writes a php connectback shell to the fs 508 bytes

Exploit for linux/x86 platform in category shellcode ============================================================ linux/x86 writes a php connectback shell to the fs 508 bytes ============================================================ include / Grayscale Research: Linux Write FS PHP Connect Back...

CVE-2008-1318

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...