CVE-2012-3482

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to 1 cause a denial of service crash and delayed delivery of inbound mail via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or 2 obtain sensitive informati...

CVE-2012-3482

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to 1 cause a denial of service crash and delayed delivery of inbound mail via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or 2 obtain sensitive informati...

openSUSE: Security Advisory for gimp (openSUSE-SU-2012:1080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware Movie Decoder Installed

VMware Movie Decoder, which is used to play movies recorded by VMware Workstation, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid63112; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...

VMware Movie Decoder < 9.0 Path Subversion Arbitrary DLL Injection Code Execution (VMSA-2012-0014)

The version of VMware Movie Decoder installed on the remote host is earlier than 9.0 and is, therefore, affected by a DLL loading vulnerability. This issue potentially allows for a local attacker to execute custom code by writing a malicious executable into the same directory as the VMware Movie...

Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)

It was discovered that Python distutils contained a race condition when creating the /.pypirc file. A local attacker could exploit this to obtain sensitive information. CVE-2011-4944 It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A...

bogofilter -- heap corruption by invalid base64 input

David Relson reports: Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, FU Berlin, Germany...

VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0014 Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates Issue date: 2012-10-04 Updated on:...

Design/Logic Flaw

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

CVE-2012-4897

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

CVE-2012-4897

CVE-2012-4897 affects VMware Movie Decoder prior to 9.0. The advisory describes a binary planting vulnerability in the Movie Decoder installer that could let a local attacker run code by placing a malicious executable in the installer directory. VMware recommends upgrading to Movie Decoder 9.0 (a...

CVE-2012-4897

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory...

JPEGsnoop 1.5.2 <= WriteAV Arbitrary Code Execution Vulnerability

Exploit for windows platform in category local exploits !/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has...

JPEGsnoop 1.5.2 Code Execution

!/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has been edited. Debug info: Microsoft R Windows Debugger...

JPEGsnoop 1.5.2 - WriteAV Crash (PoC)

JPEGsnoop 1.5.2 - WriteAV Crash PoC !/usr/bin/perl JPEGsnoop 1.5.2 Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports all image metadata and can even help identify if an image has been edited. Debug...

VMSA-2012-0014:VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0014 VMware Security Advisory Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates VMware Security...

Slackware Advisory SSA:2008-111-01 xine-lib

The remote host is missing an update as announced via advisory SSA:2008-111-01. OpenVAS Vulnerability Test $Id: esoftslkssa200811101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2009-116-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2008-111-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not...