63 matches found
CVE-2021-43302
Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...
CVE-2021-43299
Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...
Stack overflow
Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...
Out-of-bounds
Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...
CVE-2021-43302
Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...
CVE-2021-43300
Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...
CVE-2021-43299
Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...
CVE-2019-19451
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...
Stack overflow
Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control HyleosChemView.ocx in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the 1 SaveasMolFile and 2 ReadMolFile...
CVE-2010-0679
Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control HyleosChemView.ocx in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the 1 SaveasMolFile and 2 ReadMolFile...
Buffer overflow
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker...
CVE-2008-1461
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker...
CVE-2008-1461
CVE-2008-1461 affects XnView 1.92.1. It is a buffer-overflow vulnerability in the command-line filename argument, allowing a user-assisted remote attacker to potentially execute arbitrary code in the context of the running user. Exploit details in public writeups describe an attack condition wher...
CVE-2002-2226
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument...
security flaw
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...
CVE-2007-2602
Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service application crash or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line...
security flaw
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...
CVE-2006-6950
Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 allows remote attackers to read arbitrary files and list arbitrary directories via a .. dot dot in a filename argument...
DEBIAN-CVE-2005-4667
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...
gedit -- format string vulnerability
Yan Feng reports a format string vulnerability in gedit. This vulnerability could cause a denial of service with a binary file that contains format string characters within the filename. It had been reported that web browsers and email clients can be configured to provide a filename as an argumen...