1675 matches found
SOL5004 - Security Advisory: zlib buffer overflow - CAN-2005-2096
Vulnerability description zlib 1.2 and later versions allows remote attackers to cause a denial of service crash via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. Information...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
CVE-2007-1281
Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service CPU consumption via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression...
CVE-2007-1281
The CVE-2007-1281 issue affects Kaspersky Anti-Virus Engine versions for Windows (6.0.1.411) and Linux (5.5-10). A crafted UPX-compressed file with a negative offset can trigger an infinite loop during decompression, allowing remote attackers to cause a denial of service via CPU consumption. The ...
Buffer overflow
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...
CVE-2007-0851
CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...
Hacking tricks of teach you make a simple QQ bomb-vulnerability warning-the black bar safety net
Today for everyone to talk about a simple production of the QQ bomb regard, absolutely everyone with a look of schooling would! The first method is the use of compressed packets, the method I used to teach my sister used that method and play with her classmate, first of all, we first create a...
CVE-2006-6870
The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...
CVE-2006-6870
The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...
CVE-2006-6870
The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...
With the rabbit plus WinRAR play dead charge encryption software-bug warning-the black bar safety net
Currently on the network encryption software have mushroomed General everywhere, their price is often in the 3 0 yuan, and many friends also have to fork out money to buy these encryption software, but they really can play the role of encryption? Author Super rabbit and WinRAR both software for...
trivial proof of concept code for F-Prot 4.6.6 .ACE DoS
No description provided by source. fprot1.py - trivial proof of concept code for F-Prot 4.6.6 .ACE DoS Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and...
F-Prot AntiVirus 4.6.6 - ACE Denial of Service
F-Prot AntiVirus 4.6.6 - ACE Denial of Service fprot1.py - trivial proof of concept code for F-Prot 4.6.6 .ACE DoS Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright...
QBIK Wingate DoS
Nedless loop on compressed DNS requests processing...
WinGate DNS Compressed Name Pointer DoS
The remote host appears to be running WinGate, a Windows application for managing and securing Internet access. The version of WinGate installed on the remote host contains a flaw involving the processing of DNS requests with compressed name pointers. By sending a specially crafted DNS request to...
CVE-2006-5487
CVE-2006-5487 affects Marshal MailMarshal products: SMTP 5.x, 6.x, 2006, and MailMarshal for Exchange 5.x. The root cause is improper sandboxing during ARJ attachment extraction, allowing directory traversal via "../" in filenames to place or write files in arbitrary locations. Reports describe p...
CVE-2006-5295
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service scanning service crash via a crafted Compressed HTML Help CHM file that causes ClamAV to "read an invalid memory location."...
Debian DSA-1018-2 : kernel-source-2.4.27 - several vulnerabilities
The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description : Several local and remote vulnerabilities have been discovered in t...
USN-349-1: gzip vulnerabilities
Tavis Ormandy discovered that gzip did not sufficiently verify the validity of gzip or compress archives while unpacking. By tricking an user or automated system into unpacking a specially crafted compressed file, this could be exploited to execute arbitrary code with the user's privileges...