Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability

No description provided by source. Python's 'imageop' module is prone to a buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system...

Ghostscript 'CCITTFax' Decoding Filter - Denial of Service Vulnerability

No description provided by source. Ghostscript is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input. Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed...

Ghostscript < 8.64 'gdevpdtb.c' Buffer Overflow Vulnerability

No description provided by source. Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with...

Wireshark MPEG File Parser 'wiretap/mpeg.c'缓冲区溢出漏洞

Bugtraq ID：66066 CVE ID：CVE-2014-2299 Wireshark（前称Ethereal）是一款非常流行的开源网络流量分析软件。 攻击者可以利用漏洞是应用程序崩溃，或执行任意代码。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/...

Wireshark NFS Dissector拒绝服务漏洞

Bugtraq ID：66068 CVE ID：CVE-2014-2281 Wireshark（前称Ethereal）是一款非常流行的开源网络流量分析软件。 由于程序没有正确处理某些类型的数据包，攻击者可以利用漏洞是受影响程序崩溃，拒绝服务合法用户。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/...

Wireshark RLC Dissector 'packet-rlc.c'拒绝服务漏洞

Bugtraq ID：66072 CVE ID：CVE-2014-2283 Wireshark（前称Ethereal）是一款非常流行的开源网络流量分析软件。 由于程序没有正确处理某些类型的数据包，攻击者可以利用漏洞是受影响程序崩溃。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/...

Mozilla Firefox and SeaMonkey Java LiveConnect Script Security Bypass Vulnerability

CVE:CVE-2010-3775 Bugtraq ID:45355 Mozilla Firefox and SeaMonkey are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and obtain elevated privileges such as the abilities to read local files, launch processes, and create network connection...

rsync客户端增量文件列表远程内存破坏漏洞

Bugtraq ID: 47064 rsync是一款文件同步管理软件。 当增量递归启用，--delete启用，关闭--owner时，generator进程接收端存在一个内存破坏漏洞。在这些条件下，一些Generatordeep删除函数会临时增加fileextracnt，此全局变量用于管理filestructs内存中的格式，并在完成后恢复原始值。增量的目录只影响用于执行删除的临时文件列表，但它也能影响调用这些函数过程中接收到的增量文件列表块，不过可能以错误的格式创建。当恢复原始fileextracnt时，存储在每个可应用OPTEXTRA字段中的值会出现在rsync.h中列出的下一个值中。...

phpMyAdmin数据库搜索跨站脚本执行漏洞

BUGTRAQ ID: 45100 CVE ID: CVE-2010-4329 phpMyAdmin是用PHP编写的工具，用于通过WEB管理MySQL。 phpMyAdmin由于未有效过滤用户提供的数据，所以在实现上存在跨站脚本漏洞，远程攻击者可利用此漏洞在其他访问网站的用户的浏览器中执行任意脚本代码，从而窃取基于Cookie的验证凭据，发动其他攻击。 MandrakeSoft Corporate Server 4.0 x8664 MandrakeSoft Corporate Server 4.0 phpMyAdmin phpMyAdmin 2.11 - 3.3.6 MandrakeSo...

PHP “/imap/php_imap.c”释放后重利用远程代码执行漏洞

BUGTRAQ ID: 44980 CVE ID: CVE-2010-4510 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP处理IMAP协议数据的实现上存在漏洞，远程攻击者可能利用此漏洞导致拒绝服务或执行任意指令。 当用户提供特定的用户名和口令数据时会触发释放重利用问题。 MandrakeSoft Corporate Server 4.0 x8664 MandrakeSoft Corporate Server 4.0 MandrakeSoft Linux Mandrake 9.0 MandrakeSoft Linux Mandrake 10.1...

Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability

CVE: CVE-2008-2364 The Apache 'modproxyhttp' module is prone to a denial-of-service vulnerability that affects the processing of interim responses. Attackers may exploit this issue to cause denial-of-service conditions. Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may als...

PHP 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability

Exploit for unknown platform in category remote exploits ====================================================================== PHP 'sessionsavepath' 'safemode' Restriction-Bypass Vulnerability ====================================================================== Vulnerable: PHP PHP 5.3.1 PHP PH...

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability

Exploit for unknown platform in category local exploits ==================================================================== Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability ==================================================================== Vulnerable: Ubuntu Ubuntu Linux 9....

Mozilla Firefox/Thunderbird/SeaMonkey HTML Parser Remote Code Execution Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed...

Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability

No description provided by source. Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHa...

Expat 2.0.1 UTF-8 Character XML Parsing Remote DOS Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================== Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability ============================================================================== Title:...

LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability

Exploit for unknown platform in category dos / poc ================================================================= LibTIFF 'LZWDecodeCompat' Remote Buffer Underflow Vulnerability ================================================================= Title: LibTIFF 'LZWDecodeCompat' Remote Buffer...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat...

LibTIFF - &#039;LZWDecodeCompat()&#039; Remote Buffer Underflow

Bugtraq ID: 35451 Class: Boundary Condition Error Published: Jun 21 2009 12:00AM Updated: Nov 12 2009 06:46PM Credit: wololo Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc Ubuntu Ubuntu Linux 9.04 powerpc Ubuntu Ubuntu Linux 9.04 lpia Ubuntu Ubuntu Linux 9.04 i386 Ubuntu Ubuntu Linux 9.04 amd64 Ubunt...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat...