5186 matches found
Buffer overflow
Buffer overflow in the log2visutf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
CVE-2010-3444
Buffer overflow in the log2visutf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
CVE-2010-3444
Buffer overflow in the log2visutf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original...
CVE-2010-3865
Integer overflow in the rdsrdmapages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service crash and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets RDS request, which triggers a buffer overflow...
RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Dec10
This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealplayermultvulnwin04dec10.nasl 5373 2017-02-20 16:27:48Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Windows - Dec10 Authors: Sooraj KS Copyright: Copyright c 2010...
Mandriva Update for mozilla-thunderbird MDVSA-2010:258 (mozilla-thunderbird)
Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2010:258 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
CVE-2010-4557
Buffer overflow in the lmtcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request to port 9001...
CVE-2010-4376
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a...
Mura CMS - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45384/info Mura CMS is prone to multiple cross-site-scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
CVE-2010-3766
Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node...
CVE-2010-3777
Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
CVE-2010-3778
Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
CVE-2010-4261
Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...
Mandriva Update for wireshark MDVSA-2010:242 (wireshark)
Check for the Version of wireshark OpenVAS Vulnerability Test Mandriva Update for wireshark MDVSA-2010:242 wireshark Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
Viscom Image Viewer CP Gold 5.5 - 'Image2PDF()' Remote Buffer Overflow (Metasploit)
Image Viewer CP gold v5.5 Buffer Overflow Found by: bz1p AT bshellz.net Impact: Low, NOT marked safe for scripting or initializing CVE: ? 0day msf exploitimageviewercpgold Sending exploit to 172.17.120.211:1061... Sending stage 749056 bytes to 172.17.120.211 Meterpreter session 1 opened...
Mandriva Linux Security Advisory : wireshark (MDVSA-2010:242)
This advisory updates wireshark to the latest version 1.2.13, fixing one security issue : Heap-based buffer overflow in the dissectldsstransfer function epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a...
Buffer overflow
Buffer overflow in the ftvarreadpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted TrueType GX font...
Ubuntu Update for openssl vulnerability USN-1018-1
Ubuntu Update for Linux kernel vulnerabilities USN-1018-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10181.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for openssl vulnerability USN-1018-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
CVE-2010-3811
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving element attributes...
CVE-2010-3818
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving inline text boxes...