3201 matches found
CVE-2007-6337
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors...
CVE-2007-6337
CVE-2007-6337 refers to a vulnerability in the bzip2 decompression code used by ClamAV (nsis/bzlib_private.h) prior to version 0.92. The connected documents corroborate that this family of issues includes CVE-2007-6335, CVE-2007-6336, and CVE-2007-6337 and indicate vendor advisories and updates t...
ClamAV: Multiple vulnerabilities
Background: Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description: iDefense reported an integer overflow vulnerability in the cli_scanpe function when parsing Portable Executable (PE) files packed in the MEW format, that could be...
Debian DSA-1435-1 : clamav - several vulnerabilities
Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-6335 It was discovered that an integer overflow in the decompression code for MEW archives may lead to the execution ...
[SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities
Debian Security Advisory DSA-1435-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 19, 2007 http://www.debian.org/security/faq -...
JVN#82610488 Lhaplus buffer overflow vulnerability
Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privilege of the user. This vulnerability is different from...
JVN#70734805 Lhaplus buffer overflow vulnerability
Lhaplus, software for compression and decompression supporting various compressed file formats, contains a buffer overflow vulnerability. If a user opens a specially crafted file, arbitrary code could be executed with the privilege of the user. Impact Arbitrary code could be executed with the...
JVN#62868899 7-ZIP32.DLL buffer overflow vulnerability
7-ZIP32.DLL is an open source library for compression and decompression supporting 7z, zip, and some other format files. 7-ZIP32.DLL is based on "Integrated Archiver API Specification", and called from the compression/decompression software. 7-ZIP32.DLL contains a buffer overflow vulnerability. I...
Heap overflow
Heap-based buffer overflow in the Huffman decompression algorithm implemented in Skulltag 0.97d-beta4.1 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet...
CVE-2007-4537
Heap-based buffer overflow in the Huffman decompression algorithm implemented in Skulltag 0.97d-beta4.1 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet...
Heap overflow in Skulltag 0.97d-beta4.1
Luigi Auriemma Application: Skulltag http://www.skulltag.com Versions: <= 0.97d-beta4.1 Platforms: Windows and Linux Bug: heap-overflow Exploitation: remote, versus server Date: 23 Aug 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...
Debian DSA-1320-1 : clamav - several vulnerabilities
Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2650 It was discovered that the OLE2 parser can be tricked into an infinite loop and memory exhaustion. - CVE-2007-30...
Design/Logic Flaw
Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issu...
ZOO - .ZOO Decompression Infinite Loop Denial of Service (PoC)
ZOO - .ZOO Decompression Infinite Loop Denial of Service PoC / Exploit for the vulnerability: Multiple vendors ZOO file decompression infinite loop DoS coded by Jean-Sébastien Guay-Leroux September 2006 / include include include // Structure of a ZOO header define ZOOHEADERSIZE 0x0000002a define...
Multiple vendors ZOO file decompression Infinite Loop DoS PoC
Exploit for multiple platform in category dos / poc. Multiple vendors ZOO file decompression Infinite Loop DoS PoC / Exploit for the vulnerability: Multiple vendors ZOO file...
ZOO - '.ZOO' Decompression Infinite Loop Denial of Service (PoC)
/ Exploit for the vulnerability: Multiple vendors ZOO file decompression infinite loop DoS coded by Jean-Sébastien Guay-Leroux September 2006 / include include include // Structure of a ZOO header define ZOOHEADERSIZE 0x0000002a define ZHTEXT 0 define ZHTAG 20 define ZHSTARTOFFSET 24 define...
CVE-2007-1281
Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression...
Kaspersky Anti-Virus UPX File Decompression DoS
The version of Kaspersky Anti-Virus installed on the remote host reportedly may enter an infinite loop when it attempts to process an executable with specially crafted compressed UPX data. A remote attacker may be able to exploit this issue to cause the affected host to consume all available CPU...
Integer overflow
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue...
With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net
In broilers placed on the website, the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found, open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...