40 matches found
[SECURITY] Fedora 38 Update: mlt-7.14.0-2.fc38
MLT is an open source multimedia framework, designed and developed for television broadcasting. It provides a toolkit for broadcasters, video editors,media players, transcoders, web streamers and many more types of applications. The functionality of the system is provided via an assortment of rea...
openSUSE Security Update : firejail (openSUSE-2021-271)
This update for firejail fixes the following issues : firejail 0.9.64.4 is shipped to openSUSE Leap 15.2 - CVE-2021-26910: Fixed root privilege escalation due to race condition boo1181990 Update to 0.9.64.4 : - disabled overlayfs, pending multiple fixes - fixed launch firefox for open url in...
Security update for firejail (important)
openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2021:0271-1 Rating: important References: 1181990 Cross-References: CVE-2020-17367 CVE-2020-17368 CVE-2021-26910 CVSS scores: CVE-2020-17367 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-17368 NV...
[SECURITY] [DLA 2169-1] libmtp security update
Package : libmtp Version : 1.1.8-1+deb8u1 CVE ID : CVE-2017-9831 CVE-2017-9832 libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol commonly referred to as MTP is a devised set of custom extensions to support the transfer of music files on USB digital audio...
Microsoft Windows: WPD Devices: Deny write access
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winwpddenywriteaccess.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for WPD Devices: Deny write access Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program ...
Beware! Subtitle Files Can Hack Your Computer While You're Enjoying Movies
Do you watch movies with subtitles? Just last night, I wanted to watch a French movie, so I searched for English subtitles and downloaded it to my computer. Though that film was excellent, this morning a new research from Checkpoint scared me. I was unaware that a little subtitle file could hand...
Multi Purpose Fuzzer: zzuf
Multi Purpose Fuzzer zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data which more than often comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random...
Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities
No description provided by source. Title: ====== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Date: ===== 2013-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1009 VL-ID: ===== 1009 Common Vulnerability Scoring System:...
[SECURITY] [DSA 2751-1] libmodplug security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2751-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 04, 2013 http://www.debian.org/security/faq -...
Debian DSA-2751-1 : libmodplug - several vulnerabilities
Several vulnerabilities have been discovered in libmodplug, a library for mod music based on ModPlug, that might allow arbitrary code execution when processing specially crafted ABC files through applications using the library, such as media players. %NASLMINLEVEL 70300 C Tenable Network Security...
[SECURITY] [DSA 2751-1] libmodplug security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2751-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 04, 2013 http://www.debian.org/security/faq -...
DSA-2751-1 libmodplug - several
Bulletin has no description...
Debian: Security Advisory (DSA-2751-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Monkey's Audio ".ape"文件缓冲区溢出漏洞
BUGTRAQ ID: 46887 Monkey's Audio是压缩数字音乐的工具。 Monkey's Audio在".ape"文件处理的实现上存在栈缓冲区溢出漏洞,远程攻击者可利用此漏洞在受影响应用程序中执行任意代码或造成拒绝服务。 Monkey’s Audio Monkey’s Audio 厂商补丁: Monkey’s Audio --------------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.monkeysaudio.com/index.html KedAns-Dz ()提供了如下测试方法:...
Monkey's File Audio (All MPlayers) Buffer Overflow
Exploit for windows platform in category local exploits !/usr/bin/perl Title : Monkey's File Audio All MPlayers Buffer Overflow Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Overflow &...
Monkey's File Audio Buffer Overflow
!/usr/bin/perl Title : Monkey's File Audio All MPlayers Buffer Overflow Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Overflow & Crash's Tested on : Windows XP SP3 Français Target : A...
Monkey's Audio - '.ape' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/46887/info Monkeyâ??s Audio is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows attackers to execute arbitrary code in t...
CERT Issues Advisory On RealPlayer Holes
US CERT has issued an advisory following the release, late last week, of a critical patch from RealNetworks for seven vulnerabilities in its common RealPlayer software. CERT recommended users and administrators to review the advisory from Realnetworks to determine which RealPlayer products were...
Cisco Digital Media Players unauthorized access
It's possible to inject video/audio data into remote display...
Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow
ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled application that I tested fell victim to this exploit. This is a local...