192 matches found
FreeBSD : libtremor -- memory corruption (40497e81-fee3-4e54-9d5f-175a5c633b73)
The Mozilla Project reports: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution...
ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability
Exploit for php platform in category web applications !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a...
ActualAnalyzer Lite 2.81 - Command Execution
ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/2011 import urllib import urllib2 import sys import time def banner: print...
RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution
Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...
VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability (CVE-2010-2558)
VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability CVE-2010-2558 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...
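Microsoft IE Baseline Tag Rendering Remote Code Execution Vulnerability (MS10-002)
BUGTRAQ ID: 37895 CVE ID: CVE-2010-0245 Internet Explorer is the web browser bundled by default with the Windows operating system. If interleaved strike and center tags contain elements used to manipulate the font baseline, such as sub or sup, a use-after-free error occurs when IE renders the tags. When the pointer to this element is deleted, IE subsequently references the freed pointer. An attacker can exploit this vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability may allow remote code execution. Microsoft Internet Explorer 8.0 Temporary workaround: Set Internet...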
Fedora 9 : mantis-1.1.2-1.fc9 (2008-6647)
Update to upstream version 1.1.2, fixing following security issues: - 0008974: XSS Vulnerability in filters - 0008975: CSRF Vulnerabilities in usercreate CVE-2008-2276 - 0008976: Remote Code Execution in admconfig - 0009154: arbitrary file inclusion through user preferences page See upstream...
CVE-2008-0986
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field...
DSA-995-1 metamail - buffer overflow
Bulletin has no description...
Debian DSA-723-1 : xfree86 - buffer overflow
A buffer overflow has been discovered in the Xpm library which is used in XFree86. A remote attacker could provide a specially crafted XPM image that could lead to the execution of arbitrary code...
Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005)
Summary: Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 10.04.2005 http://www.goldenftpserver.com/ Details: Passing an overly long username parameter to the FTP server causes the EIP register to be overwritten after the USER/PASS login sequence is completed. Once this has been do...
[Full-disclosure] OpenOffice DOC document Heap Overflow
OpenOffice DOC document Heap Overflow Security Advisory Advisory:ADLAB-05001 OpenOffice DOC document Heap Overflow Class: Design Error DATE:30/3/2005 CVEID:CAN-2005-0941 Vulnerable: =OpenOffice OpenOffice 1.1.4 -OpenOffice OpenOffice 2.0dev...
Debian DSA-587-1 : freeamp - buffer overflow
Luigi Auriemma discovered a buffer overflow condition in the playlist module of freeamp which could lead to arbitrary code execution. Recent versions of freeamp were renamed into zinf...
CVE-2004-0227
Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string...
Oracle9i Database contains buffer overflow in NUMTOYMINTERVAL() function
Overview Oracle9i Database contains a buffer overflow in the NUMTOYMINTERVAL function which could allow anyone who can query the server to execute arbitrary code or access data with the privileges of the vulnerable process. Description A buffer overflow exists in the NUMTOYMINTERVAL function. Thi...
PSOProxy 0.91 - Remote Buffer Overflow (1)
PSOProxy 0.91 - Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially...
HTMLToNuke - Cross-Site Scripting
HTMLToNuke - Cross-Site Scripting source: https://www.securityfocus.com/bid/8174/info A vulnerability has been reported in htmltonuke that may result in web code execution in the browser of visiting users. This code would be executed in the security context of the site hosting the vulnerable...
[SECURITY] [DSA-322-1] New typespeed packages fix buffer overflow
Debian Security Advisory DSA 322-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 16th, 2003 http://www.debian.org/security/faq -...
Microsoft BizTalk Server Multiple Remote Vulnerabilities
The remote host seems to be running Microsoft BizTalk server. There are two flaws in this software that could allow an attacker to issue a SQL insertion attack or to execute arbitrary code on the remote host. Note that Nessus solely relied on the presence of a Biztalk DLL to issue this alert so i...
DCP-Portal lib.php root Parameter Remote File Inclusion
DCP-Portal has a remote file include vulnerability. A remote attacker could exploit this to execute arbitrary PHP code in the context of the web server. DCP-Portal Cross Site Scripting Bugs From: "Frog Man" To: [email protected] Subject...