208 matches found
CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
Stack overflow
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
Stack overflow
Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...
CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
UBUNTU-CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
CVE-2015-8614
Claws Mail (GTK-based email client) is affected by a stack-based buffer overflow in codeconv.c (conv_jistoeuc, conv_euctojis, conv_sjistoeuc) that can be triggered by a crafted email containing Japanese character set conversions. Affects versions before 3.13.1; CVE-2015-8708 notes this is an inco...
CVE-2015-8708
Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...
CVE-2015-8614
Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...
CVE-2015-8708
Stack-based buffer overflow in the conveuctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614...
Updated claws-mail packages fix security vulnerability
no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...
MGASA-2016-0008 Updated claws-mail packages fix security vulnerability
no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...
Web Reference Database SQL Injection Vulnerability
Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A security vulnerability in the Web Reference Database install.php script handling the 'defaultCharacterSet' parameter allows remote attackers t...
Passgen - Random Character Generator Crunch to Crack WPA/WPA2
Passgen is an alternative for the random character generator crunch which attempts to solve cracking WPA/WPA2 keys by randomizing the output opposed to generating a list like so, aaaaaaaa, aaaaaaab, aaaaaac, etc. Example usuage with aircrack-ng python passgen.py -l | sudo aircrack-ng --bssid...
WordPress < 4.1.2 version there is XSS vulnerability, an attacker can exploit to obtain site permissions-bug warning-the black bar safety net
tldr; mysql → special characters → truncation → input validation → output sanitisation → xss → time to update WordPress. Mysql truncate Mysql utf8 character set only support up to 3-byte characters, if you insert a 4-byte characters, the default configuration of mysql will truncate the character...
Crunch - Password Cracking Wordlist Generator
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations. Features crunch generates wordlists in both combination and permutation ways it can breakup output by number of lines or fi...
Updated bugzilla packages fix a CSRF vulnerability
Updated bugzilla packages fix security vulnerabilities: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery CSRF attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT...
Minimising font downloads
Optimising fonts is pretty difficult for larger sites. There's an easy solution, although only some browsers support it. Translations Français Fonts can be big Really big. They can be anywhere from 70k to many megabytes compressed of course, because why wouldn't you?. You want bold? Well, you jus...
Memory corruption
The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...