160 matches found
Ubuntu Update for libthai vulnerability USN-887-1
Ubuntu Update for Linux kernel vulnerabilities USN-887-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8871.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libthai vulnerability USN-887-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
DEBIAN-CVE-2009-4012
Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to 1 thbrk/thbrk.c and 2 thwbrk/thwbrk.c. NOTE: some of these details are obtained from third party information...
USN-887-1: LibThai vulnerability
Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user's privileges...
PT-2009-4831 · Scmpx · Scmpx
Name of the Vulnerable Software and Affected Versions: SCMPX version 1.5.1 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash, or execute arbitrary code via a long string in a .m3u playlist file. Recommendations: For SCMPX version 1.5.1,...
PT-2009-3742 · Mozilla +1 · Firefox +1
Name of the Vulnerable Software and Affected Versions: Pango versions prior to 1.24 Description: The issue is related to an integer overflow in the pango glyph string set size function, which can be triggered by a long glyph string. This can cause a denial of service, resulting in an application...
Ubuntu Update for pcre3 vulnerability USN-581-1
Ubuntu Update for Linux kernel vulnerabilities USN-581-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5811.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for pcre3 vulnerability USN-581-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
WordNet: Execution of arbitrary code
Background WordNet is a large lexical database of English. Description Jukka Ruohonen initially reported a boundary error within the searchwn function in src/wn.c. A thorough investigation by the oCERT team revealed several other vulnerabilities in WordNet: Jukka Ruohonen and Rob Holland oCERT...
USN-581-1: PCRE vulnerability
It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system in processing a malicious regular expression leading to a denial of service or...
FreeBSD : xfce -- multiple vulnerabilities (024edd06-c933-11dc-810c-0016179b2dd5)
Gentoo reports : A remote attacker could entice a user to install a specially crafted 'rc' file to execute arbitrary code via long strings in the 'Name' and 'Comment' fields or via unspecified vectors involving the second vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Buffer overflow
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...
krb5 RPC library buffer overflow
Stack-based buffer overflow in the svcauthgssvalidate function in lib/rpc/svcauthgss.c in the RPCSECGSS RPC library librpcsecgss in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and some third-party applications that use krb5, allows remote attackers...
security flaw
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving 1 long strings in the toSource method of the Object, Array, and String objects...
CVE-2006-1147
The Comsprintf function in qshared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers possibly authenticated to cause a denial of service application crash via a long skin, weapon, or model name...
PT-2005-5346 · Mirc · Mirc
Name of the Vulnerable Software and Affected Versions: mIRC versions 5.91 through 6.16 Description: A buffer overflow issue allows local users to potentially execute arbitrary code by entering a long string after reaching the DCC Get Folder Dialog. The vendor has disputed this issue, suggesting i...
CVE-2004-2505
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service memory consumption and crash by sending repeated GET or POST requests that trigger error messages that use long strings of data...
GLSA-200502-05 : Newspost: Buffer overflow vulnerability
The remote host is affected by the vulnerability described in GLSA-200502-05 Newspost: Buffer overflow vulnerability Niels Heinen has discovered a buffer overflow in the socketgetline function of Newspost, which can be triggered by providing long strings that do not end with a newline character...
CVE-2004-0014
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings...
CVE-2004-0014
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings...
GEdit 2.0/2.2 - Large IOStream File Memory Corruption
// source: https://www.securityfocus.com/bid/9090/info A problem has been reported in the handling of certain file types by gEdit. Memory corruption may occur when handling files containing long strings. Because of this, it may be possible to cause memory corruption. / simple buffer overflow...
Apache Httpd < 2.0.46 : APR remote crash
A vulnerability in the aprpsprintf function in the Apache Portable Runtime APR library allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long strings, as demonstrated using XML objects to moddav, and possibly other vectors...