Stack overflow

Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string...

CVE-2009-4006

Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string...

CVE-2009-4006

Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string...

Serv-U FTP服务器TEA解码栈溢出漏洞

BUGTRAQ ID: 37051 Serv-U FTP是一款FTP服务程序。 Serv-U FTP服务器中使用TEA解码算法处理字符串的16进制表示的函数中存在栈溢出漏洞，远程攻击者可以通过提交超长字符串来触发这个溢出，导致执行任意代码。 RhinoSoft Serv-U 9.0.0.5 厂商补丁： RhinoSoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.serv-u.com/...

Secunia Research: RhinoSoft Serv-U TEA Decoding Buffer Overflow

====================================================================== Secunia Research 18/11/2009 - RhinoSoft Serv-U TEA Decoding Buffer Overflow - ====================================================================== Table of Contents Affected...

[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1931-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009 http://www.debian.org/security/faq -...

xpdf/poppler: SplashBitmap integer overflow

Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service application crash...

openSUSE 10 Security Update : poppler (poppler-6319)

This update of poppler: fix various security bugs that occur while decoding JBIG2 CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183. Further a denial of service bug in function...

openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...

SuSE 11 Security Update : glib2 (SAT Patch Number 817)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-4316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

JScript Scripting Engine Web Pages Decoding Code Execution (MS09-045; CVE-2009-1920)

JScript is an interpreted, object-based scripting language that is often used to make Web sites more flexible or interactive. A remote code execution vulnerability has been reported in the way that the JScript scripting engine decodes script in Web pages. The vulnerability is due to a memory...

Adobe Acrobat / Reader code execution

Vulnerability is used in-the-wild for hidden malware installations. Recomendations are to disable PDF displaying inside browser and Javascript in PDF documents. Buffer overflow in JBIG2 decoding, buffer overflow in getIcon javascript function...

Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling...

Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)

The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. OpenVAS Vulnerability Test $Id: fcore20097717.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7717 mingw32-libtiff Authors: Thomas Reinke Copyright:...

Fedora Core 10 FEDORA-2009-7724 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7724. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. OpenVAS Vulnerability Test $Id: fcore20097775.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7775 libtiff Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)

The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright...

Fedora Core 11 FEDORA-2009-7775 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7775. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...