2833 matches found
DEBIAN-CVE-2011-2939
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow...
CVE-2011-2939
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow...
Lighttpd Proof of Concept code for CVE-2011-4362
29 November 2011 was the date of public disclosure of an interesting vulnerability in the lighttpd server. Xi Wang discovered that mod_auth for this server does not properly decode characters from the extended ASCII table. The vulnerable code is below: "src/http_auth.c:67" --- CUT --- static const short...
DEBIAN-CVE-2011-4362
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds...
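PHPCMS_V9 /modules/comment/index.php local file inclusion vulnerability
Because attachments.php in PHPCMS V9 does not verify the uploading user's permissions, files can be uploaded (images only). Combined with a truncatable local file inclusion vulnerability in another file, this allows arbitrary files to be included and a webshell to be obtained. File: \phpcms\modules\attachment\attachments.php public function crop_upload() { if (isset($GLOBALS["HTTP_RAW_POST_DATA"])) { $pic = $GLOBALS["HTTP_RAW_POST_DATA"]; …… file_put_contents($this->upload_path.$filepath.$new_file, $pic);...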
jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary cod...
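FFmpeg libavcodec "vmd decode()" heap buffer overflow vulnerability
BUGTRAQ ID: 50880 CVE ID: CVE-2010-3429 FFmpeg is free software that can record, convert and stream audio and video in many formats. FFmpeg's implementation of "vmd decode" contains a heap buffer overflow vulnerability that an attacker can exploit to execute arbitrary code or cause a denial of service. FFmpeg FFmpeg 0.8.7 FFmpeg FFmpeg 0.8.6 FFmpeg FFmpeg 0.8.6 FFmpeg FFmpeg 0.8.5 FFmpeg FFmpeg 0.8.5 FFmpeg FFmpeg 0.8.4 FFmpeg FFmpeg 0.8.3 FFmpeg FFmpeg 0.8....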
CVE-2011-3362
Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a...
DEBIAN-CVE-2011-3974
Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file,...
DEBIAN-CVE-2011-3369
The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, related to the get_rpc function in decode_proto.c...
PDD - Packet Dump Decode Released
PDD - Packet Dump Decode Released PDD is an open-source program created by Srivats. Packet Dump Decode (pdd) is a simple, convenient GUI wrapper around the Wireshark/Ethereal tools to convert packet hexdumps into well-formatted XML containing the decoded protocols and protocol contents. You need to...
Discuz! X2 SQL injection vulnerability
Detailed description: File: source\module\forum\forum_attachment.php if(!defined('IN_DISCUZ')) { exit('Access Denied'); } define('NOROBOT', TRUE); @list($_G['gp_aid'], $_G['gp_k'], $_G['gp_t'], $_G['gp_uid'], $_G['gp_tableid']) = explode('|', base64_decode($_G['gp_aid'])); if(!empty($_G['gp_findpost']) && ($attach = DB::fetch_first("SELECT pid, tid...
DEBIAN-CVE-2011-2532
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data...
libtiff: buffer overflow in Fax4Decode
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file tha...
DEBIAN-CVE-2010-4704
libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480...
CVE-2010-4704
libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480...
PT-2011-1049 · Muscle +2 · Pcsc-Lite +2
Name of the Vulnerable Software and Affected Versions: pcsc-lite versions 1.5.3 through 1.6.6 pcsc-lite versions prior to 1.6.6 Description: The issue affects the pcsc-lite package, potentially leading to breaches of confidentiality, integrity, and availability of protected information. It can be...
Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (MS01-026) (Metasploit)
$Id: ms01_026_dbldecode.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...