27 matches found
CVE-2011-3952
The decodeinit function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large palette size...
CVE-2008-1582
Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption...
CVE-2006-5617
Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote attackers to read or download arbitrary files via a base64-encoded file path containing a .. dot dot sequence in the file parameter...
CVE-2006-3006
Cross-site scripting XSS vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter...
CVE-2006-3006
Cross-site scripting XSS vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter...
CVE-2005-0926
Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via attachments with MIME-encoded file names...
CVE-2005-0926
Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via attachments with MIME-encoded file names...