Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2009/09/10 12:0 a.m.27 views

GLSA-200909-06 : aMule: Parameter injection

The remote host is affected by the vulnerability described in GLSA-200909-06 aMule: Parameter injection Sam Hocevar discovered that the aMule preview function does not properly sanitize file names. Impact : A remote attacker could entice a user to download a file with a specially crafted file nam...

6.8CVSS5.7AI score0.0154EPSS
Exploits1References2
securityvulns
securityvulns
added 2009/06/24 12:0 a.m.38 views

[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1821-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 22, 2009 http://www.debian.org/security/faq -...

6.8CVSS0.2AI score0.0154EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/06/23 12:0 a.m.21 views

Debian DSA-1821-1 : amule - insufficient input sanitising

Sam Hocevar discovered that amule, a client for the eD2k and Kad networks, does not properly sanitise the filename, when using the preview function. This could lead to the injection of arbitrary commands passed to the video player. The oldstable distribution etch is not affected by this issue...

6.8CVSS5.4AI score0.0154EPSS
Exploits1References3
Debian
Debian
added 2009/06/22 11:45 p.m.22 views

[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising

------------------------------------------------------------------------ Debian Security Advisory DSA-1821-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 22, 2009 http://www.debian.org/security/faq -...

6.8CVSS6.6AI score0.0154EPSS
Exploits1
NVD
NVD
added 2009/04/27 6:0 p.m.17 views

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

6.8CVSS6.7AI score0.0154EPSS
Exploits1References6
OSV
OSV
added 2009/04/27 6:0 p.m.3 views

DEBIAN-CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

6.8CVSS7AI score0.0154EPSS
Exploits1References1
CVE
CVE
added 2009/04/27 5:43 p.m.62 views

CVE-2009-1440

CVE-2009-1440 affects amule (eD2k/Kademlia client); the vulnerability is an incomplete blacklist in DownloadListCtrl.cpp that lets a remote attacker craft a filename to inject arguments into the user’s video player. Advisories (Debian DSA-1821-1, Gentoo GLSA-200909-06, OpenVAS, Nessus plugins) co...

6.8CVSS6.8AI score0.0154EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2009/04/27 5:43 p.m.23 views

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

6.8CVSS6.7AI score0.0154EPSS
Exploits1
Rows per page
Query Builder