Microsoft Windows - .png IHDR Block Denial of Service (PoC) (2)

Microsoft Windows - .png IHDR Block Denial of Service PoC 2 // Microsoft Windows PNG IHDR block DoS PoC 2 // // CPU load goes to 100% until you restart explorer.exe // // Bug found by: Preddy ? // // Compiled and tested with Windows XP SP2, Visual studio 6, no psdk // // Header: 89 50 4e 47 0d 0a...

MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)

No description provided by source. // Microsoft Windows PNG IHDR block DoS PoC 2 // // CPU load goes to 100% until you restart explorer.exe // // Bug found by: Preddy ? // // Compiled and tested with Windows XP SP2, Visual studio 6, no psdk // // Header: 89 50 4e 47 0d 0a // // Greets: scoper,...

DEBIAN-CVE-2006-4111

Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...

CVE-2006-3812

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links...

security flaw

Buffer overflow in the xcfloadvector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via an XCF file with a large numaxes value in the VECTORS property...

CVE-2006-3067

Multiple unspecified vulnerabilities in IBM DB2 Universal Database UDB before 8.1 FixPak 12 allow remote attackers to cause a denial of service application crash via a 1 "long column list" in the a REPLACE INTO and b INSERT INTO portions of the LOAD command or a 2 large number of values in an IN...

CVE-2006-3067

Multiple unspecified vulnerabilities in IBM DB2 Universal Database UDB before 8.1 FixPak 12 allow remote attackers to cause a denial of service application crash via a 1 "long column list" in the a REPLACE INTO and b INSERT INTO portions of the LOAD command or a 2 large number of values in an IN...

Pound: HTTP request smuggling

Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description Pound fails to handle HTTP requests with conflicting "Content-Length" and...

CVE-2006-1862

The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service panic by running lsof a large number of times in a way that produces a heavy system load...

security flaw

The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service panic by running lsof a large number of times in a way that produces a heavy system load...

Format string

Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service crash via the 1 load, 2 spy and 3 bomb functions...

F5 BIG-IP Cookie Persistence

The remote load balancer suffers from an information disclosure vulnerability. Description : The remote host appears to be a F5 BigIP load balancer which encodes within a cookie the IP address of the actual web server it is acting on behalf of. Additionally, information after 'BIGipServer' is...

F5 BIG-IP Cookie Persistence (HTTP) - Active Check

The remote load balancer suffers from an information disclosure vulnerability. SPDX-FileCopyrightText: 2005 Shavlik Technologies, LLC Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DEBIAN-CVE-2006-0045

crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges...

CVE-2006-0045

CVE-2006-0045 affects the crawl game prior to 4.0.0, where saving/loading can trigger insecure execution of programs, allowing local users to gain full privileges. Root cause: the program does not securely call external commands during save/load. Practical impact is local privilege escalation; no...

PT-2006-1134 · Crawl · Crawl

Name of the Vulnerable Software and Affected Versions: crawl versions prior to 4.0.0 Description: The issue allows local users to gain privileges due to insecure calls to programs when saving and loading games. Recommendations: For versions prior to 4.0.0, update to version 4.0.0 or later to...

CVE-2006-0187

By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control UserControl1Load function, which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file...

CVE-2006-0187

CVE-2006-0187 concerns Microsoft Visual Studio 2005, where code in the Load event of a user-defined control (UserControl1_Load) runs automatically by design. This behavior could let a user-assisted attacker execute arbitrary code by tricking a user into opening a malicious Visual Studio project f...

CVE-2006-0187

By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control UserControl1Load function, which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file...

pound reverse proxy / load balancer / HTTPS front-end buffer overflow

Buffer overflow on oversized hostname...