PT-2005-1545 · Curl +1 · Curl +1

Name of the Vulnerable Software and Affected Versions: cURL versions 7.12.1 and possibly other versions Description: The issue arises from multiple stack-based buffer overflows in libcURL and cURL, allowing remote malicious web servers to execute arbitrary code. This occurs when base64 encoded...

CVE-2005-0453

The bufferurldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 null character after the file extension...

GLSA-200501-19 : imlib2: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200501-19 imlib2: Buffer overflows in image decoding Pavel Kankovsky discovered that several buffer overflows found in the libXpm library see GLSA 200409-34 also apply to imlib see GLSA 200412-03 and imlib2. He also fixed a number...

GLSA-200501-37 : GraphicsMagick: PSD decoding heap overflow

The remote host is affected by the vulnerability described in GLSA-200501-37 GraphicsMagick: PSD decoding heap overflow Andrei Nigmatulin discovered that handling a Photoshop Document PSD file with more than 24 layers in ImageMagick could trigger a heap overflow GLSA 200501-26. GraphicsMagick is...

GLSA-200501-06 : tiff: New overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200501-06 tiff: New overflows in image decoding infamous41md found a potential integer overflow in the directory entry count routines of the TIFF library CAN-2004-1308. Dmitry V. Levin found another similar issue in the tiffdump...

CVE-2005-0054

CVE-2005-0054 is a remote-code-execution vulnerability in Internet Explorer 5.01/5.5/6 where specially crafted HTML/URLs cause IE to interpret a page in the wrong security zone, potentially executing code in the Local Machine zone. The issue stems from how encoded hostnames are parsed for URLs, e...

CVE-2005-0054

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decodin...

Microsoft Internet Explorer URI Decoding Vulnerability

Description Microsoft Internet Explorer is prone to a vulnerability related to URI decoding. A bug in how the browser parses encoded URI data may allow zone bypass. As a result, it is possible to force the browser to interpret Web content in the Local Zone. This could be exploited to execute...

Microsoft Internet Explorer contains URL decoding cross-domain vulnerability

Overview A URL decoding vulnerability in Microsoft Internet Explorer may allow remote attackers to bypass zone security restrictions and execute arbitrary code on affected systems. Description IE uses a cross-domain security model to maintain separation between browser frames from different...

Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow (PoC)

/ by Luigi Auriemma / include include include include / Painkiller packet's password encoder/decoder 0.1 by Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org INTRODUCTION ============ When you want to join a password protected game server of Painkiller...

tiff: New overflows in image decoding

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description infamous41md found a potential integer overflow in the directory entry count routines o...

CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

CVE-2004-1315

Summary: CVE-2004-1315 affects phpBB 2.x prior to 2.0.11. The vulnerability stems from improper URL decoding of the highlight parameter in viewtopic.php, allowing a remote attacker to double-encode the highlight value so that PHP exec runs arbitrary code. Exploited in the wild by the Santy.A worm...

DEBIAN-CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

security flaw

Cross-site scripting XSS vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML...

[Full-Disclosure] [ GLSA 200412-03 ] imlib: Buffer overflows in image decoding

Gentoo Linux Security Advisory GLSA 200412-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

imlib: Buffer overflows in image decoding

Background imlib is an advanced replacement library for image manipulation libraries like libXpm. It is called by numerous programs, including gkrellm and several window managers, to help in displaying images. Description Pavel Kankovsky discovered that several overflows found in the libXpm libra...

GLSA-200412-03 : imlib: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200412-03 imlib: Buffer overflows in image decoding Pavel Kankovsky discovered that several overflows found in the libXpm library see GLSA 200409-34 also applied to imlib. He also fixed a number of other potential flaws. Impact : ...