8517 matches found
xine-ui: Format string vulnerabilities
Background xine-ui is a skin-based user interface for xine. xine is a free multimedia player. It plays CDs, DVDs, and VCDs, and can also decode other common multimedia formats. Description Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not...
CVE-2007-0021
Apple iChat 3.1.6 is affected by a format string vulnerability in the AIM URI handler. A remote attacker could exploit crafted aim:// URIs to cause a denial of service (null pointer dereference) and possibly execute arbitrary code. The issue is remediated by Apple Security Update 2007-002 (Mac OS...
Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC
No description provided by source. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" html head titleMOAB-20-01-2007/title script function boom var str = ''; for var i = 0; i 20; i++ str = str + escape'A%n'; str = 'aim:gochat?roomname=' + str;...
BitDefender Client Log Creation Functionality Format String
The version of BitDefender installed on the remote host fails to sanitize scan job settings of format strings. By leveraging this flaw, a local attacker may be able to crash the antivirus application or possibly even gain complete control of the affected system. C Tenable Network Security, Inc...
MOAB-20-01-2007: Apple iChat aim:// URL Handler Format String Vulnerability
Summary Description from the Wikipedia article: AOL Instant Messenger AIM, ICQ, .Mac and Jabber client for Mac OS X. Using a Jabber-like protocol and Bonjour for user discovery, it also allows for LAN communication. iChat's AIM support is fully endorsed by AOL, and uses their official...
Apple iChat format string vulnerability
Format string vulnerability on aim:// URI parsing...
Colloquy IRC client multiple format string vulnerabilities
Multiple format string vulnerabilities, e.g. invite IRC command...
Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC
Exploit for macOS platform in category dos / poc =================================================================== Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC =================================================================== MOAB-20-01-2007 function boom var str = '';...
MOAB-02-01-2007: VLC Media Player udp:// Format String Vulnerability
Summary The following description of the software is provided by vendor VideoLAN: VideoLAN is a software project, which produces free software for video, released under the GNU General Public License. The main product is the cross-platform VLC media player. The VLC media player is a highly portab...
Apple iChat 3.1.6 441 - 'aim://' URL Handler Format String (PoC)
MOAB-20-01-2007 function boom var str = ''; for var i = 0; i milw0rm.com 2007-01-21...
MOAB-16-01-2007: Multiple Colloquy IRC Format String Vulnerabilities
Summary Traditionally, chat clients on the Mac have been anything but glamorous. Colloquy is an advanced IRC & SILC client which aims to fill this void. By adhering to Mac OS X interface conventions, Colloquy has the look and feel of a quality Mac application. By making a common mistake the...
MOAB-16-01-2007.rb.txt
!/usr/bin/ruby c Copyright 2006 Lance M. Havok Makes use of the Colloquy INVITE format string vulnerability. require 'socket' targetchannel = ARGV0 || "whatever" targetserver = ARGV1 || "irc.server.org" targetport = ARGV2 || 6667 randnick = "spongebo" channeljoined = false readytogo = false...
BitDefender client format string vulnerability
Format string vulnerability on scan settings logging...
Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability
================================================ Layered Defense Research Advisory 18 January 2007 ================================================ 1 Affected Software BitDefender Client Professional Plus build 8.02 ================================================ 2 Severity Rating: Low risk...
Format string
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...
CVE-2007-0391
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...
CVE-2007-0391
BitDefender Client Professional Plus 8.02 is affected by a format-string vulnerability in the log-creation functionality. An attacker could leverage this flaw via certain scan job settings to execute arbitrary code or take control of the affected system. The description and references across NVD/...
CVE-2007-0391
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...
CVE-2007-0344
Multiple format string vulnerabilities in 1 invitedToRoom: and 2 invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, relate...
CVE-2007-0338
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log...