Design/Logic Flaw

Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...

CVE-2019-1010306

Slanger 0.6.0 is affected by a Remote Code Execution (RCE) vulnerability in the Message handler and request validator. A remote, unauthenticated attacker can execute arbitrary commands by sending a crafted request to the server. The issue is addressed by a fix committed as 5267b455caeb2e055cccf0d...

CVE-2019-1010306

Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...

CVE-2017-16253

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow...

CVE-2017-16253

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow...

PT-2019-8045 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub 2245-222 version 1012 Description: A buffer overflow vulnerability exists in the PubNub message handler. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow, overwriting arbitrary dat...

Linux kernel drivers/char/ipmi/ipmi_msghandler.c file memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory misreference vulnerability exists in the drivers/char/ipmi/ipmimsghandler.c file in Linux kernel versions prior to 4.20.5. A remote attacker could exploit thi...

UBUNTU-CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmimsghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop...

The vulnerability of the Message Handler component in the Microsoft Outlook client allows a hacker to gain access to protected information.

The vulnerability of the Message Handler component of the Microsoft Outlook client is related to errors during the attachment of files to Outlook messages. Exploiting this vulnerability can allow an attacker to gain access to protected information through a file attached to an email message, as a...

Vulnerability Spotlight: TALOS-2018-0635/0636 - Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities

Marcin Noga of Cisco Talos discovered this vulnerability. Overview Cisco Talos is disclosing two vulnerabilities in Sophos HitmanPro.Alert, a malware detection and protection tool. Both vulnerabilities lie in the input/output control IOCTL message handler. One could allow an attacker to read kern...

libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

Microsoft IIS WebDAV XML Message Handler Denial of Service (MS04-030; CVE-2003-0718)

The WebDAV protocol Web-based Distributed Authoring and Versioning is an extension to HTTP/1.1 that provides a capability for web page authoring over HTTP. The Microsoft WebDAV component is provided with Microsoft Internet Information Services Server IIS in order to provide support for WebDAV. Th...

DEBIAN-CVE-2005-3487

Multiple buffer overflows in Scorched 3D 39.1 bf and earlier allow remote attackers to execute arbitrary code via various 1 GLConsole::addLine, 2 ServerCommon::sendString, 3 ServerCommon::serverLog functions, 4 a long command that is not properly handled in ComsMessageHandler.cpp when generating ...

WM_TIMER Message Handler Privilege Elevation (Q328310)

A security issue has been identified in WMTIMER that could allow an attacker to compromise a computer running Microsoft Windows and gain complete control over it. Recommendation: Users using any of the affected products should install the patch immediately. Maximum Severity Rating: Critical...

CVE-2003-0718

The WebDAV Message Handler for Internet Information Services IIS 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service memory and CPU exhaustion, application crash via a PROPFIND request with an XML message containing XML elements with a large number of attributes...

Fedora Core 1 : libpng-1.2.2-20 (2004-105)

Mon Apr 19 2004 Matthias Clasen - fix a possible out-of-bounds read in the error message handler. 121229 - Tue Mar 02 2004 Elliot Lee - rebuilt - Fri Feb 27 2004 Mark McLoughlin 2:1.2.2-19 - rebuild with changed bits/setjmp.h on ppc - Fri Feb 13 2004 Elliot Lee - rebuilt Note that Tenable Network...

Fedora Core 1 : libpng10-1.0.13-11 (2004-106)

Mon Apr 19 2004 Matthias Clasen - fix a possible out-of-bounds read in the error message handler. 121229 - Tue Mar 02 2004 Elliot Lee - rebuilt - Fri Feb 13 2004 Elliot Lee - rebuilt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

[Hat-Squad] Remote buffer overflow in Mdaemon Raw message Handler

Hat-Squad Security Team Advisory http://www.hat-squad.com Product: Alt-N Technologies Mdaemon Mail Server Version: MDaemon 6.85 and Below to 6.52 Vulnerability: Remote buffer overflow in Raw Message Handler Release Date: 12/29/2003 Vendor Status: Informed on 29 Dec 2003 Quick response on 29 Dec...