Debian DSA-779-2 : mozilla-firefox - several vulnerabilities

We experienced that the update for Mozilla Firefox from DSA 779-1 unfortunately was a regression in several cases. Since the usual praxis of backporting apparently does not work, this update is basically version 1.0.6 with the version number rolled back, and hence still named 1.0.4-. For...

mfsa2005-47exploit.txt

// Exploit by Michael Krax Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image got loaded window.setTimeout"window.stop",1000; Firewalling - Proof-of-Concept The "Set As Wallpaper" dialog takes...

FreeBSD : cyrus-imapd -- multiple buffer overflow vulnerabilities (b2d248ad-88f6-11d9-aa18-0001020eed82)

The Cyrus IMAP Server ChangeLog states : - Fix possible single byte overflow in mailbox handling code. - Fix possible single byte overflows in the imapd annotate extension. - Fix stack-based buffer overflows in fetchnews exploitable by peer news server, backend exploitable by admin, and in imapd...

GLSA-200505-07 : libTIFF: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200505-07 libTIFF: Buffer overflow Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Impact :...

libTIFF: Buffer overflow

Background libTIFF provides support for reading and manipulating TIFF Tag Image File Format images. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Impac...

Woltlab Burning Board XSS / SQL Injection Vulnerabilities

Binary data 2848.prm...

HP-UX PHSS_28099 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)

s700800 11.04 Virtualvault 4.6 OWS update : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329, CVE...

HP-UX PHSS_27371 : HP-UX Running Apache, Remote Denial of Service (DoS) or Elevation Privilege, or Execution of Arbitrary Code (HPSBUX00197 SSRT2332 rev.11)

s700800 11.04 Virtualvault 4.5 OWS update : A potential remotely exploitable vulnerability in handling of large data chunks in Apache-based web servers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS27371...

HP-UX PHSS_28683 : HP-UX running CDE, Remote Unauthorized Privileged Access, Execution of Arbitrary Code (HPSBUX00263 SSRT2373 rev.3)

s700800 11.22 CDE Applications Periodic Patch : Potential security vulnerabilities in CDE libraries and programs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS28683. The text itself is copyright C...

CVE-2003-1091

CVE-2003-1091 : Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via malformed ID3 tags in MP3 files. Affected: MP3Broadcaster component within the QuickTime/Dar...

HP-UX PHSS_32140 : s700_800 11.04 Virtualvault 4.7 IWS update

s700800 11.04 Virtualvault 4.7 IWS update : Two security vulnerabilities have been reported in Apache HTTP server http://httpd.apache.org/ versions prior to Apache 1.3.33 that may allow a Denial of Service DoS attack and execution of arbitrarty code. %NASLMINLEVEL 70300 C Tenable Network Security...

HP-UX PHSS_30172 : HP-UX XFree86, Remote Unauthorized Privileged Access, Execution of Arbitrary Code (HPSBUX01018 SSRT4692 rev.2)

s700800 11.22 Xserver cumulative patch : A potential security vulnerability has been identified with HP UX, where a buffer overflow in XFree86 could be remotely exploited to gain unauthorized privileged access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch...

unace -- multiple vulnerabilities

Ulf Härnhammar reports: There are buffer overflows when extracting, testing or listing specially prepared ACE archives. There are directory traversal bugs when extracting ACE archives. There are also buffer overflows when dealing with long 17000 characters command line arguments. Secunia reports:...

USN-62-1: imagemagick vulnerability

Andrei Nigmatulin discovered a potential buffer overflow in the PhotoShop Document image decoding function of ImageMagick. Decoding a malicious PSD image which specifies more than the allowed 24 channels might result in execution of arbitrary code with the user's privileges. Since ImageMagick can...

mpg123 -- buffer overflow vulnerability

Yuri D'Elia has found a buffer overflow vulnerability in mpg123's parsing of frame headers in input streams. This vulnerability can potentially lead to execution of arbitrary code with the permissions of the user running mpg123, if the user runs mpg123 on a specially crafted MP2 or MP3 file...

GREED 0.81 - .GRX File List Buffer Overflow

GREED 0.81 - .GRX File List Buffer Overflow source: https://www.securityfocus.com/bid/12033/info greed Get and Resume Elite Edition is prone to a buffer overflow vulnerability. The issue is exposed when the client processes GRX file lists. GRX file lists allow file downloads to be scripted. Since...

GLSA-200408-20 : Qt: Image loader overflows

The remote host is affected by the vulnerability described in GLSA-200408-20 Qt: Image loader overflows There are several unspecified bugs in the QImage class which may cause crashes or allow execution of arbitrary code as the user running the Qt application. These bugs affect the PNG, XPM, BMP,...

DSA-529 netkit-telnet-ssl - format string

Bulletin has no description...

ByteCatcher FTP Client 1.0.4 - Server Banner Buffer Overflow

ByteCatcher FTP Client 1.0.4 - Server Banner Buffer Overflow source: https://www.securityfocus.com/bid/6762/info It has been reported that ByteCatcher FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing bounds checking on banner data copied int...

[SECURITY] [DSA 159-1] New Python packages fix insecure temporary file use

-------------------------------------------------------------------------- Debian Security Advisory DSA 159-1 [email protected] http://www.debian.org/security/ Martin Schulze August 28th, 2002 http://www.debian.org/security/faq -...