WordPress W3-Total-Cache Plugin 0.9.2.4 (or before) Username and Hash Extract

The W3-Total-Cache Wordpress Plugin 'WordPress W3-Total-Cache Plugin 0.9.2.4 or before Username and Hash Extract', 'Description' = "The W3-Total-Cache Wordpress Plugin = 0.9.2.4 can cache database statements and its results in files for fast access. Version 0.9.2.4 has been fixed afterwards so it...

DEBIAN-CVE-2011-3936

The dvextractaudio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a craft...

MSSQL Schema Dump

This module attempts to extract the schema from a MSSQL Server Instance. It will disregard builtin and example DBs such as master, model, msdb, and tempdb. The module will create a note for each DB found, and store a YAML formatted output as loot for easy reading. This module requires Metasploit:...

Windows Gather Trillian Password Extractor

This module extracts account password from Trillian & Trillian Astra v4.x-5.x instant messenger. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Trillian Password Extractor',...

PDF Extract TIFF 'pdf2tif.dll'缓冲区溢出漏洞

Bugtraq ID: 47322 PDF Extract TIFF用于从PDF文件中提取图像并且保存为TIFF格式，然后用Word, Adobe Photoshop之类的程序进行再次编辑。 解析PDF文件时pdf2tif.dll存在错误，攻击者可以构建恶意输入文件，诱使用户解析触发缓冲区溢出，可导致以应用程序上下文执行任意代码。插件也受此漏洞影响。 VeryPDF PDF Extract TIFF 厂商解决方案 用户可联系供应商下载最新版本： http://www.verypdf.com/...

VeryPDF PDF Extract TIFF library multiple security vulnerabilities

Multiple vulnerabilities on PDF parsing...

CVE-2011-0420

The graphemeextract function in the Internationalization extension Intl for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service crash via an invalid size argument, which triggers a NULL pointer dereference...

PHP < 5.2.15 Security Bypass Vulnerability

PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

Design/Logic Flaw

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

CVE-2011-0752

PHP 5.2.x before 5.2.15 is affected by an exploit in the extract function where EXTR_OVERWRITE can overwrite the GLOBALS array and the this variable, enabling context‑dependent attackers to bypass access restrictions by modifying data structures. The issue is tied to previous CVEs (2005/2006) and...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

fastjar: directory traversal vulnerabilities

Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an...

FreeBSD : php -- corruption of $GLOBALS and $this variables via extract() method (f3148a05-0fa7-11e0-becc-0022156e8794)

Off-by-one error in the sanity validator for the extract method allowed attackers to replace the values of $GLOBALS and $this when mode EXTROVERWRITE was used. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeB...

Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...

PHP Zip Extract method denial of service vulnerability-vulnerability warning-the black bar safety net

Affected system: PHP PHP 5.3.3 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2 - 5.3.2 Not affected system: PHP PHP 5.3.4 PHP PHP 5.2.15 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 4 5 3 3 5 PHP is a widely-used General-purpose...

PHP 5.2.x < 5.2.15 Multiple Vulnerabilities

Binary data 801097.prm...

PHP 5.2 < 5.2.15 Multiple Vulnerabilities

According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.15. Such versions may be affected by several security issues : - A crash in the zip extract method. - A possible double free exists in the imap extension. CVE-2010-4150 - An unspecified flaw exists in...

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

Binary data 801074.prm...