Lucene search
K

238 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:5 p.m.34 views

Security Bulletin: IBM WebSphere Dashboard Framework is affected by multiple security vulnerabilities in Apache POI

Summary Apache POI, which is bundled with IBM WebSphere Dashboard Framework, is vulnerable to denial of service attacks and could allow a remote attacker to obtain sensitive information. Vulnerability Details IBM WebSphere Dashboard Framework WDF bundles a copy of Apache POI, which is used by the...

5CVSS0.5AI score0.13258EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2017/07/14 12:0 a.m.17 views

Virtual Apps and Desktops: Logon Duration in MonitorData.Session Table shows "Null"

Logon Duration inMonitorData.Session Table in Monitoring Database shows "Null" value for all sessions and hence Director does not report Average logon Duration for Sessions. Restarting the Monitoring Service on Delivery Controllers does not fix the issue. We used the below scripts to ensure thatO...

6.8AI score
Exploits0
Citrix
Citrix
added 2017/03/11 12:0 a.m.8 views

Using Task Scheduler to automate the collection of CDF traces

It gets difficult at times when we need to capture CDF traces for a specific period of time. We have different tools like CDF Control, Scout and CDF Monitor, however it requires manual intervention to start and stop the traces and yet there are chances that the traces might get over-written if yo...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2016/08/31 12:0 a.m.30 views

PHP < 5.6.0 DoS Vulnerability - Windows

PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS7.6AI score0.02543EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.49 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8)

A specifically crafted Composite Document File CDF file can trigger an out-of-bounds read or an invalid pointer dereference. CVE-2012-1571 A flaw in regular expression in the awk script detector makes use of multiple wildcards with unlimited repetitions. CVE-2013-7345 A malicious input file could...

6.5CVSS7.2AI score0.0507EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdfreadpropertyinfo function of the Fileinfo component’s file in PHP, due to improper flow control. Exploitation of this vulnerability allows malicious actors to cause a service failure abnormal termination of the application by using specially crafted CDF files...

4.3CVSS7.4AI score0.14927EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdfcheckstreamoffset function in the cdf.c file of the Fileinfo component in PHP, due to the use of incorrect sector size data. Exploiting this vulnerability allows malicious actors to cause a service failure abnormal termination of the application by utilizing a...

4.3CVSS7.4AI score0.14927EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the PHP interpreter, which allows a malicious attacker to trigger a service failure

The cdfunpacksummaryinfo function in the cdf.c library of the PHP interpreter contains a vulnerability. Exploiting this vulnerability allows an unauthorized attacker to trigger an infinite loop using a specially created CDF file, resulting in service failure due to exhaustion of processor resourc...

5CVSS7.4AI score0.19877EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/05/17 12:0 a.m.36 views

PHP Fileinfo Component Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.Fileinfo is one of the components used to display the properties of a file and support batch modification of its properties. A security...

7.5CVSS8AI score0.02543EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/05/17 12:0 a.m.60 views

CentOS 6 : file (CESA-2016:0760)

An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS7.7AI score0.20237EPSS
Exploits2References8
Prion
Prion
added 2016/05/16 10:59 a.m.28 views

Null pointer dereference

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c...

5CVSS7AI score0.02543EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/05/16 10:59 a.m.2 views

DEBIAN-CVE-2014-0236

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c...

7.5CVSS6.8AI score0.02543EPSS
Exploits0References1
Cent OS
Cent OS
added 2016/05/16 10:13 a.m.449 views

file, python security update

CentOS Errata and Security Advisory CESA-2016:0760 An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.1AI score0.20237EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2016/05/16 12:0 a.m.6 views

PT-2016-3483 · Php · Php +1

Name of the Vulnerable Software and Affected Versions: Fileinfo component in PHP versions prior to 5.6.0 file versions prior to 5.18 Description: The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This is achieved by usin...

7.5CVSS6.5AI score0.02543EPSS
Exploits0References7
Openbugbounty
Openbugbounty
added 2016/05/15 7:16 a.m.13 views

cdf-dignelesbains.fr XSS vulnerability

Vulnerable URL: http://www.cdf-dignelesbains.fr/js/build/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.56 views

RHEL 6 : file (RHSA-2016:0760)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0760 advisory. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file...

7.5CVSS7.7AI score0.20237EPSS
Exploits2References24
RedHat Linux
RedHat Linux
added 2016/05/10 6:32 p.m.8 views

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.4AI score0.20237EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.56 views

Scientific Linux Security Update : file on SL7.x x86_64 (20151119)

Multiple denial of service flaws were found in the way file parsed certain Composite Document Format CDF files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. CVE-2014-0207, CVE-2014-0237, CVE-2014-0238,...

7.5CVSS6.9AI score0.20805EPSS
Exploits3References15
Cent OS
Cent OS
added 2015/11/30 7:28 p.m.102 views

file, python security update

CentOS Errata and Security Advisory CESA-2015:2155 Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

7.5CVSS6.8AI score0.20805EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.50 views

Oracle Linux 7 : file (ELSA-2015-2155)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2155 advisory. - fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048 - fix CVE-2014-0207 - cdfreadshortsector insufficient boundary check - fix...

7.5CVSS7.1AI score0.20805EPSS
Exploits3References15
Rows per page
Query Builder