RHEL 3 : ImageMagick (RHSA-2004:480)

Updated ImageMagick packages that fix a BMP loader vulnerability are now available. ImageMagickTM is an image display and manipulation tool for the X Window System. A heap overflow flaw has been discovered in the ImageMagick image handler. An attacker could create a carefully crafted BMP file in...

Debian DSA-276-1 : linux-kernel-s390 - local privilege escalation

The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible. This advisory only covers kernel...

CVE-2004-0802

CVE-2004-0802 affects imlib2’s BMP loader and is caused by a buffer overflow in the BMP loading path. The vulnerability allows remote attackers to execute arbitrary code by delivering a specially crafted BMP image, and it is confined to imlib2 versions before 1.1.2 (distinct from CVE-2004-0817). ...

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817...

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817...

GLSA-200408-20 : Qt: Image loader overflows

The remote host is affected by the vulnerability described in GLSA-200408-20 Qt: Image loader overflows There are several unspecified bugs in the QImage class which may cause crashes or allow execution of arbitrary code as the user running the Qt application. These bugs affect the PNG, XPM, BMP,...

FreeBSD : qt -- image loader vulnerabilities (ebffe27a-f48c-11d8-9837-000c41e2cdad)

Qt contains several vulnerabilities related to image loading, including possible crashes when loading corrupt GIF, BMP, or JPEG images. Most seriously, Chris Evans reports that the BMP crash is actually due to a heap buffer overflow. It is believed that an attacker may be able to construct a BMP...

Qt: Image loader overflows

Background Qt is a cross-platform GUI toolkit used by KDE. Description There are several unspecified bugs in the QImage class which may cause crashes or allow execution of arbitrary code as the user running the Qt application. These bugs affect the PNG, XPM, BMP, GIF and JPEG image types. Impact ...

Mandrake Linux Security Advisory : kernel (MDKSA-2003:038-1)

A bug in the kernel module loader code could allow a local user to gain root privileges. This is done by a local user using ptrace and attaching to a modprobe process that is spawned if the user triggers the loading of a kernel module. A temporary workaround can be used to defend against this fla...

MS Internet Explorer Remote Application.Shell Exploit

Exploit for unknown platform in category remote exploits ===================================================== MS Internet Explorer Remote Application.Shell Exploit ===================================================== function InjectedDuringRedirection...

Linux Kernel 2.4.22 - do_brk() Local Privilege Escalation (1)

Linux Kernel 2.4.22 - dobrk Local Privilege Escalation 1 ; E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/131/ ; ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader...

CVE-2003-0896

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine JVM in Sun SDK and JRE 1.4.103 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" slash instead of "." dot characters,...

[LSD] Security vulnerability in SUN's Java Virtual Machine implementation

Hello, We have found a security vulnerability in the SUN's implementation of the Java Virtual Machine, which affects the following SDK and JRE releases: - SDK and JRE 1.4.103 and earlier - SDK and JRE 1.3.108 and earlier - SDK and JRE 1.2.2015 and earlier. SUN was informed about this issue on Jun...

Linux Kernel < 2.4.20 Module Loader Local Root Exploit

Exploit for linux platform in category local exploits ====================================================== Linux Kernel include include include include include include include include include include include include define TMPSIZE 4096 define FMAX 768 define UIDNUM 6 define MMSIZE 40961 define...

Linux Kernel 2.4.20 - Module Loader Privilege Escalation

Linux Kernel 2.4.20 - Module Loader Privilege Escalation / Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include include include include include include include include include include include include include define TMPSIZE 4096 define FMAX 768 define UIDNUM 6 defi...

Linux Kernel &lt; 2.4.20 - Module Loader Privilege Escalation

/ Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include include include include include include include include include include include include include define TMPSIZE 4096 define FMAX 768 define UIDNUM 6 define MMSIZE 40961 define MAXSTACK 0xc0000000 // where to pu...

linux kmod/ptrace bug - details

Hello There are many discussions on slashdot for example on the recent linux ptrace & kmod bug. I'll try to clarify what is this all about. It's a local root vulnerability. It's exploitable only if: 1. the kernel is built with modules and kernel module loader enabled and 2...

xloadimage -- buffer overflow in FACES image handling

In 2001, zen-parse discovered a buffer overflow in xloadimage's FACES image loader. A maliciously crafted image could cause xloadimage to execute arbitrary code. A published exploit exists for this vulnerability. In 2005, Rob Holland discovered that the same vulnerability was present in xli...

PT-1999-1039 · Ibm · Clearcase

Name of the Vulnerable Software and Affected Versions: ClearCase affected versions not specified Description: A race condition exists in the db loader program of ClearCase, allowing local users to gain root access by setting SUID bits. Recommendations: At the moment, there is no information about...

1904 AV Block for Loader lock issue

Block 1904 updates to impacted AV...