1011 matches found
Microsoft Windows Kernel - .ANI File Parsing Crash
Microsoft Windows Kernel - .ANI File Parsing Crash // milw0rm.com 2004-12-25...
CVE-2004-0805
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file...
CVE-2004-1309
Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field...
CVE-2004-1065
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file...
CVE-2004-1308
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow...
CVE-2004-1302
The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag...
WinRAR 3.4.1 - Corrupt .ZIP File
WinRAR 3.4.1 - Corrupt .ZIP File / WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected]...
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Exploit for unknown platform in category local exploits. WinRAR include pragma pack1 define DATOS "email protected" typedef struct DWORD Signature; WORD VersionNeeded; WORD GeneralPurposeFlag; WORD CompressionMethod; WORD ModFileTime; WORD...
DXFScope 0.2 - Remote Client-Side Buffer Overflow
source: https://www.securityfocus.com/bid/11986/info A remote, client-side buffer overflow vulnerability reportedly affects the DXFscope utility. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it as the format specifier string in a...
WinRAR 3.4.1 - Corrupt '.ZIP' File
/ WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected] Vulnerability discovery date : December 10...
PCAL 4.x - Calendar File getline Remote Buffer Overflow
PCAL 4.x - Calendar File getline Remote Buffer Overflow source: https://www.securityfocus.com/bid/12035/info PCAL is prone to a buffer overflow vulnerability. This issue is exposed when the application handles a calendar file that contains excessively long lines. Since calendar files may originat...
abctab2ps 1.6.3 - Write_Heading .ABC Remote Buffer Overflow
abctab2ps 1.6.3 - Write_Heading .ABC Remote Buffer Overflow source: https://www.securityfocus.com/bid/12026/info abctab2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied...
Michael Kohn Ringtone Tools 2.22 - .EMelody File Remote Buffer Overflow
Michael Kohn Ringtone Tools 2.22 - .EMelody File Remote Buffer Overflow source: https://www.securityfocus.com/bid/12010/info Ringtone Tools is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copyi...
CVE-2004-0982
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL...
Debian DSA-565-1 : sox - buffer overflow
Ulf Harnhammar has reported two vulnerabilities in SoX, a universal sound sample translator, which may be exploited by malicious people to compromise a user's system with a specially crafted .wav file. (C) Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2004-1623
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF...
Xpdf, CUPS: Multiple integer overflows
Background: Xpdf is an open source viewer for Portable Document Format (PDF) files. The Common UNIX Printing System (CUPS) is a cross-platform print spooler that includes some Xpdf code. Description: Chris Evans discovered multiple integer overflow issues in Xpdf. Impact: An attacker could entice an use...
Important: Red Hat Security Advisory: ImageMagick security update
Updated ImageMagick packages that fix various security vulnerabilities are now available. ImageMagick(TM) is an image display and manipulation tool for the X Window System. A heap overflow flaw was discovered in the ImageMagick image handler. An attacker could create a carefully crafted BMP file in...