UltraVNC < 1.0.5.4 ClientConnection Multiple Integer Overflow Vulnerabilities - Windows

UltraVNC is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TightVNC <= 1.3.9 ClientConnection Multiple Integer Overflow Vulnerabilities - Linux

TightVNC is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TightVNC ClientConnection Multiple Integer Overflow Vulnerabilities (Linux)

This host is running TightVNC and is prone to Multiple Integer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: secpodtightvncmultintoverflowvulnlin.nasl 5148 2017-01-31 13:16:55Z teissa $ TightVNC ClientConnection Multiple Integer Overflow Vulnerabilities Linux Authors: Sujit Ghosal...

CVE-2009-0523

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVE-2009-0523

Cross-site scripting XSS vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVE-2009-0654

Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving 1 replaying, 2 modifying, 3 inserting, or 4 deleting a single cell, and then observing cell...

GraphicsMagick Multiple Vulnerabilities - Linux

GraphicsMagick graphics tool is prone to multiple buffer overflow/underflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Password is being logged for 500 errors

The user passwords are being exposed in the log files when a 500 error happens. The following Jira solved the problem for the information displayed in the user Browser: http://jira.atlassian.com/browse/CONF-12360...

CVE-2009-0388

Multiple integer signedness errors in 1 UltraVNC 1.0.2 and 1.0.5 and 2 TightVnc 1.3.9 allow remote VNC servers to cause a denial of service heap corruption and application crash or possibly execute arbitrary code via a large length value in a message, related to the a...

CVE-2009-0388

Multiple integer signedness errors in 1 UltraVNC 1.0.2 and 1.0.5 and 2 TightVnc 1.3.9 allow remote VNC servers to cause a denial of service heap corruption and application crash or possibly execute arbitrary code via a large length value in a message, related to the a...

CVE-2009-0388

CVE-2009-0388 affects UltraVNC and TightVNC: multiple integer overflow flaws in ClientConnection (CheckBufferSize/CheckFileZipBufferSize) can lead to heap corruption, Denial of Service, or possible code execution via crafted messages. OpenVAS and advisories show Windows/Linux variants and PoC usa...

KLA11371 ACE vulnerability in TightVNC

Integer signing errors were found in TightVNC. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message. Original advisories - Exploitation Public exploits exist f...

KLA10364 ACE vulnerability in UltraVNC & TightVNC

Integer signing errors were found in UltraVNC & TightVNC. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message. Original advisories - Related products UltraVNC...

CVE-2009-0136

Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service application crash or execute arbitrary code via an Audible Audio .aa file with a crafted 1 nlen or 2 vlen Tag...

CVE-2009-0136

Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service application crash or execute arbitrary code via an Audible Audio .aa file with a crafted 1 nlen or 2 vlen Tag...

CVE-2009-0136

Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service application crash or execute arbitrary code via an Audible Audio .aa file with a crafted 1 nlen or 2 vlen Tag...

CVE-2009-0136

The CVE-2009-0136 issue affects Amarok 1.4.10–2.0.1 through an insecure parsing path in Audible Audio (.aa) files. Specifically, multiple array index errors in Audible::Tag::readTag (metadata/audible/audibletag.cpp) can lead to an invalid pointer dereference or writing a 0x00 byte, after an alloc...

Mozilla Thunderbird < 2.0.0.19 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 2.0.0.19. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. MFSA 2008-60 - XBL bindings can be used ...

Debian DSA-1690-1 : avahi - assert errors

Two denial of service conditions were discovered in avahi, a Multicast DNS implementation. Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 CVE-2008-5081 . It was discovered that the avahi daemon aborts with an assert error if...