Lucene search
+L

1675 matches found

f5
f5
added 2007/05/16 12:0 a.m.119 views

SOL5004 - Security Advisory: zlib buffer overflow - CAN-2005-2096

Vulnerability description zlib 1.2 and later versions allows remote attackers to cause a denial of service crash via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. Information...

7.5CVSS3.1AI score0.05476EPSS
Exploits3
nvd
nvd
added 2007/05/02 6:19 p.m.11 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8CVSS7.9AI score0.04926EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2007/05/02 6:19 p.m.16 views

CVE-2007-2459

Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...

7.8CVSS6.4AI score0.04926EPSS
Exploits0References1
cvelist
cvelist
added 2007/03/06 1:0 a.m.27 views

CVE-2007-1281

Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service CPU consumption via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression...

6.5AI score0.02916EPSS
Exploits0References6
cve
cve
added 2007/03/06 1:0 a.m.70 views

CVE-2007-1281

The CVE-2007-1281 issue affects Kaspersky Anti-Virus Engine versions for Windows (6.0.1.411) and Linux (5.5-10). A crafted UPX-compressed file with a negative offset can trigger an infinite loop during decompression, allowing remote attackers to cause a denial of service via CPU consumption. The ...

7.8CVSS6.5AI score0.02916EPSS
Exploits0References6Affected Software1
prion
prion
added 2007/02/08 6:28 p.m.17 views

Buffer overflow

Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center CCC Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable...

9.3CVSS8.5AI score0.083EPSS
Exploits0References15Affected Software17
cve
cve
added 2007/02/08 6:0 p.m.59 views

CVE-2007-0851

CVE-2007-0851 describes a buffer overflow in Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, exploitable when processing UPX-packed executables (as used in CCC Cleaner). The CCC Cleaner component is affected when the UPX-packed file is scanned, enabling arbitrary code ...

9.3CVSS7.8AI score0.083EPSS
Exploits0References15Affected Software23
myhack58
myhack58
added 2007/01/26 12:0 a.m.43 views

Hacking tricks of teach you make a simple QQ bomb-vulnerability warning-the black bar safety net

Today for everyone to talk about a simple production of the QQ bomb regard, absolutely everyone with a look of schooling would! The first method is the use of compressed packets, the method I used to teach my sister used that method and play with her classmate, first of all, we first create a...

7.5AI score
Exploits0
nvd
nvd
added 2006/12/31 5:0 a.m.12 views

CVE-2006-6870

The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...

5CVSS6.3AI score0.02298EPSS
Exploits0References16
ubuntucve
ubuntucve
added 2006/12/31 5:0 a.m.25 views

CVE-2006-6870

The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...

5CVSS6AI score0.02298EPSS
Exploits0References2
osv
osv
added 2006/12/31 5:0 a.m.5 views

CVE-2006-6870

The consumelabels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service infinite loop via a crafted compressed DNS response with a label that points to itself...

6.2AI score
Exploits0References16
myhack58
myhack58
added 2006/12/18 12:0 a.m.30 views

With the rabbit plus WinRAR play dead charge encryption software-bug warning-the black bar safety net

Currently on the network encryption software have mushroomed General everywhere, their price is often in the 3 0 yuan, and many friends also have to fork out money to buy these encryption software, but they really can play the role of encryption? Author Super rabbit and WinRAR both software for...

7.2AI score
Exploits0
seebug
seebug
added 2006/12/08 12:0 a.m.18 views

trivial proof of concept code for F-Prot 4.6.6 .ACE DoS

No description provided by source. fprot1.py - trivial proof of concept code for F-Prot 4.6.6 .ACE DoS Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/12/04 12:0 a.m.11 views

F-Prot AntiVirus 4.6.6 - ACE Denial of Service

F-Prot AntiVirus 4.6.6 - ACE Denial of Service fprot1.py - trivial proof of concept code for F-Prot 4.6.6 .ACE DoS Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2006/11/27 12:0 a.m.42 views

QBIK Wingate DoS

Nedless loop on compressed DNS requests processing...

1.7AI score
Exploits0References1Affected Software1
nessus
nessus
added 2006/11/27 12:0 a.m.35 views

WinGate DNS Compressed Name Pointer DoS

The remote host appears to be running WinGate, a Windows application for managing and securing Internet access. The version of WinGate installed on the remote host contains a flaw involving the processing of DNS requests with compressed name pointers. By sending a specially crafted DNS request to...

5CVSS5.6AI score0.01762EPSS
Exploits0References4
cve
cve
added 2006/11/10 10:0 p.m.49 views

CVE-2006-5487

CVE-2006-5487 affects Marshal MailMarshal products: SMTP 5.x, 6.x, 2006, and MailMarshal for Exchange 5.x. The root cause is improper sandboxing during ARJ attachment extraction, allowing directory traversal via "../" in filenames to place or write files in arbitrary locations. Reports describe p...

10CVSS6.9AI score0.0388EPSS
Exploits0References9Affected Software1
debiancve
debiancve
added 2006/10/16 11:0 p.m.44 views

CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service scanning service crash via a crafted Compressed HTML Help CHM file that causes ClamAV to "read an invalid memory location."...

5CVSS5.9AI score0.10739EPSS
Exploits0
nessus
nessus
added 2006/10/14 12:0 a.m.52 views

Debian DSA-1018-2 : kernel-source-2.4.27 - several vulnerabilities

The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description : Several local and remote vulnerabilities have been discovered in t...

7.8CVSS6.4AI score0.05357EPSS
Exploits11References33
ubuntu
ubuntu
added 2006/09/20 12:48 a.m.111 views

USN-349-1: gzip vulnerabilities

Tavis Ormandy discovered that gzip did not sufficiently verify the validity of gzip or compress archives while unpacking. By tricking an user or automated system into unpacking a specially crafted compressed file, this could be exploited to execute arbitrary code with the user's privileges...

7.5CVSS6AI score0.05641EPSS
Exploits1
Rows per page
Query Builder