UBUNTU-CVE-2014-8541

libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via...

Apple Quicktime multiple security vulnerabilities

Memory corruptions on video decoding, MIDI and m4a...

Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure

Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure !/usr/bin/perl Exploit Author: Sebastián Magof Hardware: Modem Nucom ADSL R5000UNv2 Software Version: R5TC008 Vulnerable file: guidewan.html location: http://gateway/telecomGUI/guidewan.html Bug: ISP usr+pwd disclosure Type: Local Date: 24/09/20...

libav / ffmpeg memory corruption

Memory corruption on FFV1 decoding...

Updated glibc packages fix multiple security vulnerabilities

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve arbitrary code execution. This update removes...

Linux/x86-64 - shutdown -h now Shellcode (64 bytes)

Linux/x86-64 - shutdown -h now Shellcode 64 bytes. Shellcode exploit for Linuxx86-64 platform ; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-877.php ; Author: SLAE64-1351 Keyman ; Date:...

Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)

Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode 105 bytes. Shellcode exploit for Linuxx86-64 platform ; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-867.php ; Author:...

Mozilla Thunderbird Multiple Vulnerabilities-02 (Sep 2014) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox ESR Multiple Vulnerabilities-02 (Sep 2014) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox ESR Multiple Vulnerabilities-02 (Sep 2014) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Python Imaging Library DoS

DoS on icns decoding...

What does a pointer look like, anyway?

Posted by Chris Evans, Renderer of Modern Art In Adobe’s August 2014 Flash Player security update, we see: These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545. I...

OpenJDK: XXE issue in decoder (Beans, 8023245)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

Oracle Linux 7 : libtasn1 (ELSA-2014-0687)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0687 advisory. 3.3-5 - Added missing check for null pointer 1102338 3.3-4 - Fix multiple decoding issues 1102338 Tenable has extracted the preceding description block...

libtasn1 security update

3.3-5 - Added missing check for null pointer 1102338 3.3-4 - Fix multiple decoding issues 1102338...

[SECURITY] Fedora 20 Update: lz4-r119-1.fc20

LZ4 is an extremely fast loss-less compression algorithm, providing compres sion speed at 400 MB/s per core, scalable with multi-core CPU. It also features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems...

AdaptCMS 2.0.4 (config.php, question parameter) SQL Injection Vulnerability

No description provided by source. Exploit Title: AdaptCMS = 2.0.4 SQL Injection vulnerability Date: 26/10/2012 Exploit Author: Kallimero Vendor Homepage: http://www.adaptcms.com/ Software Link: http://www.insanevisions.com/page/3/Downloads/ Version: 2.0.4 Tested on: Debian Introduction...

PassWD 1.2 Weak Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1300/info PassWd 1.2 is a password management utility designed to store user login information to various URLs. The login information, which includes username, password and link location is stored in the pass.dat file whi...

phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)

No description provided by source. !/usr/bin/perl phpRPC =0.7 Remote Command Execution Exploit based on: http://www.gulftech.org/?node=research&articleid=00105-02262006 Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to...