8 matches found
CVE-2022-46285
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...
GNU Libextractor ZIP File Comment Out-of-Bounds Read (CVE-2018-16430)
An out-of-bounds read vulnerability exists in Libextractor. The vulnerability is due to improper handling of long File Comment fields within ZIP files. Successful exploitation of this vulnerability could lead to denial-of-service conditions or disclosure of sensitive information...
CVE-2014-7226
The file comment feature in Rejetto HTTP File Server hfs 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols...
Design/Logic Flaw
The file comment feature in Rejetto HTTP File Server hfs 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols...
CVE-2014-7226
The file comment feature in Rejetto HTTP File Server hfs 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols...
Rejetto HTTP File Server (HFS) 2.3a2.3b2.3c - Remote Command Execution
Rejetto HTTP File Server HFS 2.3a2.3b2.3c - Remote Command Execution ========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Lin...
Debian DSA-051-1 : netscape - unexpected javascript execution
Florian Wesch has discovered a problem reported to bugtraq with the way how Netscape handles comments in GIF files. The Netscape browser does not escape the GIF file comment in the image information page. This allows JavaScript execution in the 'about:' protocol and can for example be used to...
Netscape 4.76 gif comment flaw
Product: Netscape Navigator/Communicator Tested on: 4.76 on Linux and Win98/NT Vendor Contact: Reported 2001-03-22 Problem -------------------------------------------------------- - Overview: The Netscape browser does not escape the gif file comment in the image information page. This allows...