[SECURITY] Fedora 9 Update: apr-util-1.2.12-7.fc9

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more...

CVE-2009-0228

Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service win32spl.dll in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka...

CVE-2009-0227

Stack-based buffer overflow in the PowerPoint 4.2 conversion filter PP4X32.DLL in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a file that uses a PowerPoint 4.0 native file format,...

FreeBSD Security Advisory (FreeBSD-SA-09:07.libc.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:07.libc.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

windows Driver vulnerability discovery and use-vulnerability and early warning-the black bar safety net

Information source: evil octal information security teamwww.eviloctal.com to Article author: Anibal Sacco Translation author: r! usksk（springs brother: http://riusksk.blogbus.com to Note: this article starting the hackers Defense of, after the translation the original author of friendship submitt...

SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)

This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The following security issues are addressed : - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local use...

Wireshark Multiple Vulnerabilities (Oct 2008) - Windows

Wireshark is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...

openSUSE 10 Security Update : kernel (kernel-5700)

The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3528: The ext234 filesystem code fail...

Microsoft SQL Server On-Disk MTF Data Structures Remote Memory Corruption Vulnerability

Description Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code in the context of the server. Failed attacks will likely caus...

Code injection

Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service disk space exhaustion via a file with "crafted data structures" that trigger the creatio...

CVE-2008-1438

CVE-2008-1438 concerns the Microsoft Malware Protection Engine (mpengine.dll) (versions 1.1.3520.0 and 0.1.13.192) used in multiple Microsoft products. A denial-of-service exists when parsing certain files with “crafted data structures,” causing disk-space exhaustion and automatic engine restart....

CVE-2008-1438

Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service disk space exhaustion via a file with "crafted data structures" that trigger the creatio...

[SECURITY] Fedora 8 Update: glib2-2.14.6-1.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

BitchX 1.1-final (EXEC) Remote Command Execution Exploit

No description provided by source. / Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions: 1.1-final and others? Synopsis: BitchX suffers from a unchecked bounds in a hash table in hook.c where one can inject data structures allowing for the remote execution of commands! Usage:...

BitchX 1.1-final - 'EXEC' Remote Command Execution

/ Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions: 1.1-final and others? Synopsis: BitchX suffers from a unchecked bounds in a hash table in hook.c where one can inject data structures allowing for the remote execution of commands! Usage: Execute "gcc -o pbxs pbxs.c; ./pbxs...

BitchX 1.1-final (EXEC) Remote Command Execution Exploit

Exploit for linux platform in category remote exploits ======================================================== BitchX 1.1-final EXEC Remote Command Execution Exploit ======================================================== / Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions:...

Authentication flaw

eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures...

CVE-2007-2638

eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures...

CVE-2007-2638

eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures...

CVE-2006-6102

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...