15 matches found
EUVD-2007-1250
Malware in sbrugna...
kmz-vpn.de Cross Site Scripting vulnerability OBB-3258870
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kmz-vpn.de Cross Site Scripting vulnerability OBB-2335320
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Esri ArcGIS Earth KMZ File Parsing Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcGIS Earth. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of K...
CVE-2006-7157
Buffer overflow in Google Earth v4.0.2091 beta allows remote user-assisted attackers to cause a denial of service crash via a KML or KMZ file with a long href element...
CVE-2006-7157
Buffer overflow in Google Earth v4.0.2091 beta allows remote user-assisted attackers to cause a denial of service crash via a KML or KMZ file with a long href element...
CVE-2007-1253
Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...
CVE-2007-1253
Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...
Design/Logic Flaw
Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...
CVE-2007-1253
Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...
CVE-2007-1253
Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...
CVE-2007-1253
CVE-2007-1253 affects Blender up to version 2.43, via the kmz_ImportWithMesh.py script. An insecure use of eval() in kmz_ImportWithMesh.py allows a remote attacker to entice a user to open a crafted .kmz or .kml file, resulting in arbitrary Python code execution with the user’s privileges. The vu...
kml-kmz.txt
/////////////////////////////////////////////// // Google Earth kml & kmz files buffer overflow // by JAAScois http://www.jaascois.com // Test on: Google Earth v4.0.2091beta Sep 14 2006 /////////////////////////////////////////////// include include char xmlHdr="\n\nBy: JAAScois.com"; char...
Google Earth buffer overflow
Buffer overflow on .kml and .kmz files...
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow
// source: https://www.securityfocus.com/bid/20464/info Google Earth is prone to a buffer-overflow vulnerability because the application to properly verify the size of user-supplied data before copying it into an insufficiently sized process buffer. This issue allows remote attackers to execute...