Lucene search
+L

156 matches found

Prion
Prion
added 2008/01/04 12:46 a.m.17 views

Cross site request forgery (csrf)

The Urlinit function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service NULL dereference and daemon crash via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request...

5CVSS7.2AI score0.03404EPSS
Exploits1References8Affected Software1
Prion
Prion
added 2008/01/04 12:46 a.m.20 views

Input validation

Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...

5CVSS7.1AI score0.01844EPSS
Exploits1References8Affected Software1
Prion
Prion
added 2008/01/04 12:46 a.m.23 views

Buffer overflow

Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...

7.5CVSS8.4AI score0.04149EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2008/01/04 12:46 a.m.20 views

CVE-2007-6626

Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...

7.5CVSS7.8AI score0.04149EPSS
Exploits1References8
CVE
CVE
added 2008/01/04 12:0 a.m.43 views

CVE-2007-6629

The CVE-2007-6629 entry concerns LScube Feng 0.1.15 and earlier, where an interpretation conflict in a User-Agent line containing a carriage-return character can trigger a NULL dereference and daemon crash, causing a denial of service. The issue arises because the line-delimiter handling differs ...

5CVSS6.6AI score0.01844EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2008/01/04 12:0 a.m.48 views

CVE-2007-6626

CVE-2007-6626 describes multiple buffer overflows in the RTSP_valid_response_msg function of RTSP_state_machine.c in LScube Feng 0.1.15 and earlier, enabling remote attackers to execute arbitrary code via (1) an excessively long first line of a response (VER line) or (2) an excessively long secon...

7.5CVSS7.8AI score0.04149EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2008/01/04 12:0 a.m.35 views

CVE-2007-6628

CVE-2007-6628 affects LScube Feng 0.1.15 and earlier. The issue allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via two malformed headers: (1) Transport header triggering misparsing in RTSP_setup.c’s parse_transport_header (example: a header containing onl...

5CVSS6.7AI score0.02137EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2008/01/04 12:0 a.m.25 views

CVE-2007-6628

LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via 1 a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...

6.7AI score0.02137EPSS
Exploits1References9
Cvelist
Cvelist
added 2008/01/04 12:0 a.m.22 views

CVE-2007-6626

Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...

7.8AI score0.04149EPSS
Exploits1References8
Cvelist
Cvelist
added 2008/01/04 12:0 a.m.26 views

CVE-2007-6629

Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...

6.6AI score0.01844EPSS
Exploits1References8
securityvulns
securityvulns
added 2007/12/28 12:0 a.m.31 views

Multiple vulnerabilities in Feng 0.1.15

Luigi Auriemma Application: Feng http://live.polito.it/documentation/feng Versions: = 0.1.15 Platforms: nix Bugs: A first buffer-overflow in RTSPvalidresponsemsg B second buffer-overflow in RTSPvalidresponsemsg C crash in RTSPremovemsg D NULL pointer in parsetransportheader E NULL pointer in...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/12/28 12:0 a.m.59 views

Feng RTSP streaming server multiple security vulnerabilities

Multiple buffer overflows and DoS conditions...

2.4AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2007/12/27 12:0 a.m.12 views

Feng 0.1.15 - Multiple Remote Buffer Overflow Denial of Service Vulnerabilities

Feng 0.1.15 - Multiple Remote Buffer Overflow Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/27049/info Feng is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities. Successfully exploiting these issues allows remote attackers to execute...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/27 12:0 a.m.24 views

Feng 0.1.15 - Multiple Remote Buffer Overflow / Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/27049/info Feng is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the server application. Attackers may also crash th...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/04/03 12:0 a.m.24 views

Microsoft Windows - Animated Cursor .ani Universal Generator

Microsoft Windows - Animated Cursor .ani Universal Generator -------------------------------------------------------------------------------- Info: .ANI RIFF Cursors 2007 universal exploit generator Tested on MS Internet Explorer 6.x-7.x, Windows XP SP2, Windows Vista Author: Yag Kohha 10xnGr33tz...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2005/05/20 12:0 a.m.27 views

gedit -- format string vulnerability

Yan Feng reports a format string vulnerability in gedit. This vulnerability could cause a denial of service with a binary file that contains format string characters within the filename. It had been reported that web browsers and email clients can be configured to provide a filename as an argumen...

2.6CVSS6.2AI score0.07655EPSS
Exploits0References1
Rows per page
Query Builder