72 matches found
DEBIAN-CVE-2017-11406
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values...
Nested attributes rejection proc bypass
When using the nested attributes feature in Active Record you can prevent the destruction of associated records by passing the allowdestroy: false option to the acceptsnestedattributesfor method. The allowdestroy flag prevents the :rejectif proc from being called because it assumes that the recor...
Soso Transfer v1.1 iOS - Denial of Service Vulnerability
Document Title: =============== Soso Transfer v1.1 iOS - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1703 Release Date: ============= 2016-02-02 Vulnerability Laboratory ID VL-ID: ====================================...
SysAid Help Desk Sensitive Information Disclosure Vulnerability
SysAid Help Desk is a suite of Web-based IT management software. The SysAid Help Desk sysaid/getAgentLogFile URI does not adequately filter the 'accountId' parameter, allowing remote attackers to submit invalid values to obtain sensitive information...
"Aircrack-ng 1.2 Beta 3" multiple vulnerabilities
"Aircrack-ng 1.2 Beta 3" multiple vulnerabilities Description: -------------------------------- Four vulnerabilities exist on aircrack-ng = 1.2 Beta 3 which allow remote/local code execution, privilege escalation and denial of service. Specifically, the following vulnerabilities were identified: ...
Stack overflow
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies...
Several memory hypercall operations allow invalid extent order values
ISSUE DESCRIPTION Allowing arbitrary extentorder input values for XENMEMdecreasereservation, XENMEMpopulatephysmap, and XENMEMexchange can cause arbitrarily long time being spent in loops without allowing vital other code to get a chance to execute. This may also cause inconsistent state resultin...
Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the codec responsible for parsing layer ...
CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...
Sql injection
E-Business Designer eBD 3.1.4 and earlier allows remote attackers to obtain the full path of the web server via "'" characters, and possibly other invalid values, in 1 the id parameter to formgrupo.html, or requests to the 2 archivos/ and 3 files/ directories. NOTE: this issue might be resultant...
Design/Logic Flaw
xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the 1 action parameter to membersonly/index.cgi and 2 page parameter customerarea/index.cgi, probably due to invalid values...
CVE-2002-2272
Tomcat 4.0 through 4.1.12, using modjk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service desynchronized communications via an HTTP GET request with a Transfer-Encoding chunked field with invalid values...