864 matches found
PHP 5.5.x < 5.5.24 Multiple Vulnerabilities
According to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.24. It is, therefore, affected by multiple vulnerabilities: - An unspecified use-after-free error exists in the zend_shared_memdup function within file ext/opcache/zend_shared_alloc.c that allows an...
Cisco Web Security Appliance Python File Processing Privilege Escalation Vulnerability
A vulnerability in the status-checking process of remote access tunnels for supporting Cisco Web Security Appliances (WSA) could allow an authenticated, local attacker to execute arbitrary Python code on the affected system. The vulnerability is due to improper usage and handling of the pickle Pyth...
CVE-2015-0934
Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via backtick characters in a filename...
QQPlayer-asx-File-Processing-Buffer-Overflow
Title: QQPlayer asx File Processing Buffer Overflow Exploit Author: Li Qingshan of Information Security Engineering Center, School of Software and Microelectronics, Peking University Vendor: www.qq.com head =''' ''' payload=head+junk+nseh+seh+adjust+shellcode+junk+foot fobj = open("poc.asx","w")...
gcab 'gcab-folder.c' local directory traversal vulnerability
gcab is a set of Microsoft Cabinet file processing tools. The tools list, extract and create compressed .cab files. A local directory traversal vulnerability exists in gcab 'gcab-folder.c' because the program fails to adequately filter user-supplied input, allowing a local attacker to access th...
CVE-2014-9427
The CVE-2014-9427 issue affects PHP CGI (sapi/cgi/cgi_main.c). In PHP 5.4.36 and 5.5.x up to 5.5.20, and 5.6.x up to 5.6.4, mmap-based reading of a .php file can miss the mapping length for certain invalid inputs starting with ‘#’ and lacking a newline. This yields an out-of-bounds read that coul...
Multiple vulnerabilities in IDA Pro (CNVD-2014-09237)
IDA Pro (Interactive Disassembler, abbreviated IDA) is an interactive disassembler. IDA Pro 6.6 and earlier versions contain several implementation vulnerabilities that could allow an attacker to take control of the affected system, including a double-release in the kernel and a double-release error in the N...
Design/Logic Flaw
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an...
CVE-2014-3538
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an...
Fat Player 0.6b - WAV File Processing Buffer Overflow (SEH)
No description provided by source. Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information. Reference:...
MultiPowUpload 2.1 - Remote File Upload Vulnerability
No description provided by source. Exploit Title: MultiPowUpload v 2.1 Remote File Upload Vulnerability Author: DIES3L Email: [email protected] Date: 26-1-2011 Software Link: http://www.element-it.com Download Software : http://www.element-it.com/Download/ElementIT.MultiPowUpload3.zip Version: 2.1...
PlayPad Music Player 1.12 - (.mp3) Denial of Service Vulnerability
No description provided by source. Exploit Title: PlayPad Music Player v1.12 .mp3 File Processing BoF/Crash Date: 20th August, 2010 Author: Praveen Darshanam Software Link:...
openSUSE Security Update : OpenOffice_org (openSUSE-SU-2011:0336-1)
Maintenance update to LibreOffice-3.3.1. It adds some interesting features and fixes many bugs, including several security vulnerabilities. The previous OpenOffice_org packages are also renamed to libreoffice. LibreOffice is a continuation of the OpenOffice.org project. This update replaces the...
openSUSE Security Update : java-1_6_0-openjdk (openSUSE-2012-136)
Update to version 1.11.1 to fix several security issues: - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class -...
Winamp - .flv File Processing Memory Corruption
Winamp - .flv File Processing Memory Corruption source: https://www.securityfocus.com/bid/67429/info Winamp is prone to a memory-corruption vulnerability. An attacker can leverage this issue to crash the affected application, causing a denial-of-service condition. Winamp 5.666 is vulnerable; othe...
JVN#44392991: Security File Manager vulnerable to directory traversal
Security File Manager provided by CGENE Inc contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Impact: A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...
[SECURITY] Fedora 20 Update: ruby-2.0.0.353-16.fc20
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Aloaha PDF Suite Buffer Overflow Vulnerability 1. Advisory Information Title: Aloaha PDF Suite Buffer Overflow Vulnerability Advisory ID: CORE-2013-0805 Advisory URL:...
Oracle Outside In vulnerable to denial-of-service (DoS)
Overview: Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a denial-of-service (DoS) vulnerability. Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...
CVE-2013-2004
The (1) GetDatabase and (2) XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file...