CVE-2008-2935

Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...

CVE-2008-2935

Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...

CVE-2008-2935

CVE-2008-2935 affects libxslt 1.1.8–1.1.24 via heap-based buffer overflows in the RC4 S-Box code in libexslt (exsltCryptoRc4EncryptFunction/exsltCryptoRc4DecryptFunction). An XML stylesheet containing a long string as an argument in the XSL input could allow a context-dependent attacker to execut...

CVE-2008-2935

Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...

CVE-2008-2935

Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...

libxslt: buffer overflow in libexslt RC4 encryption/decryption functions

Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...

libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow

libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow source: https://www.securityfocus.com/bid/30467/info The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attack...

IPSwitch IMail Server <= 8.1 Local Password Decryption Utility

No description provided by source. / IpSwitch IMail Server = ver 8.1 User Password Decryption by Adik netmaniac hotmail KG IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption sche...

Encrypt your Malaysia-vulnerability warning-the black bar safety net

Everyone in the invasion should be picked up by someone else's Webshell? Maybe some Malaysia function very well, so you just use that, but you didn't think the horse may have a back door? Now a lot of Malaysian are encrypted, open when a garbled, is not also want to encrypt their high-powered,...

Quickly recover Word, Excel password-vulnerability warning-the black bar safety net

I give a important Word file plus a password, for security settings was more complex, did not think the time of use Forgot Password, but put your own barrier to the outside. Have to unlock a good way? Rushed to action: you can use Office Password Remover to save in a hurry. Download this green...

InfoBarrier4 self-decrypted file vulnerability

Overview InfoBarrier4 provided by FFC Limited contains a vulnerability in self-decrypted files created using InfoBarrier4 encryption. Impact The third party could view the contents of self-decrypted files or obtain the passwords used for self-decryption. Solution None...

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption source: https://www.securityfocus.com/bid/28391/info DotNetNuke is prone to a weak encryption vulnerability. An attacker can exploit this issue to decrypt sensitive data. Information obtained may lead to further attacks...

Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products

Luigi Auriemma Application: Trend Micro OfficeScan Corporate Edition http://us.trendmicro.com/us/products/enterprise/officescan-client-server-edition/ other Trend Micro products could be affected by this vulnerability since it's located in a function used to decrypt a specific type of passwords...

Database system security vulnerability excavations-vulnerability warning-the black bar safety net

Today, in the virus raging, hacking the ubiquitous network environment where software security has become a concern of the topic. Traditional software security main concern is that the permissions and roles of management, such as access control or data confidentiality and integrity, such as...

Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Overview Meridian Systems Prolog Manager does not use strong encryption and returns a list of all user credentials when authenticating clients. These behaviors could allow an attacker to obtain user credentials and decrypt passwords. Description Meridian Systems Prolog Manager is a set of...

Security crisis crack USB disk encryption tool encryption principles-vulnerability warning-the black bar safety net

The use of U disk, mobile hard disk encryption tool encryption folder, I use file Sniffer tool also can't see the encrypted real files, when with a Duba scanning found, it seems like these files are hidden stored in/Thumbs. dn/7./ Where that 7. The 7 is sometimes other numbers, but I directly so...

Fedora 7 : xpdf-3.02-1.fc7 (2007-1383)

Changes since 3.01: Added anti-aliasing for vector graphics; added the vectorAntialias xpdfrc option; added the '-aaVector' switch to xpdf and pdftoppm. Implemented stroke adjustment always enabled by default, ignoring the SA parameter, to match Adobe's behavior, and added the strokeAdjust xpdfrc...

CVE-2002-2303

3D3.Com ShopFactory 5.8 is affected by a vulnerability where client-side encryption and decryption of sensitive price data enables remote attackers to modify shopping cart prices by using JavaScript to decrypt the cookie containing the data. This indicates a weakness in where price data is stored...

CVE-2004-2721

The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages...

High-speed crack winzip password-uzpc3. 0-vulnerability warning-the black bar safety net

Often on TV, newspaper, or even on the web ever heard of the hacker's name. They are elusive, depending on a variety of network security measures as nothing, any obstacle, any password for them just a piece of cake. The author ask himself no matter if those hackers did with writing their own tool...