142 matches found
[SECURITY] Fedora 26 Update: libmtp-1.1.13-1.fc26
This package provides a software library for communicating with MTP Media Transfer Protocol media players, typically audio players, video players etc...
CVE-2014-7954
Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...
Directory traversal
Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...
CVE-2014-7954
The CVE-2014-7954 entry concerns Android 4.4.4 where the MTP path traversal vulnerability lies in MtpServer.cpp (doSendObjectInfo). The issue allows physically proximate attackers connected to the device to upload files outside the sdcard by crafting an MTP request with a .. in the name parameter...
CVE-2014-7954
Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...
MTP Ringtones & Wallpapers - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application MTP Ringtones & Wallpapers published at the 'play' market has multiple vulnerabilities...
The Dangers of Downloads: Securing Mobile Devices in 2016
In 2015, mobile malware attacks were on the rise; from 2014 to 2015 we saw an increase of 61% in the number of these attacks. Malware has a clear progression path; it starts out targeting unsuspecting users who are likely to open unknown attachments or install unknown applications. The primary...
CVE-2015-7946
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1...
CVE-2014-7954 MTP path traversal vulnerability in Android
MTP path traversal vulnerability in Android 4.4 ----------------------------------------------- doSendObjectInfo method of the MtpServer class implemented in frameworks/av/media/mtp/MtpServer.cpp does not validate the name parameter of the incoming MTP packet at all. It is possible to upload file...
Google Android Operating System < 5.0.0 Multiple Vulnerabilities
Binary data 8665.prm...
Stable Channel Update for Chrome OS
The Stable channel has been updated to 38.0.2125.101 Platform version: 6158.49.0, 6158.56.0 for all Chrome OS devices except Chromeboxes. This build contains a number of bug fixes, security updates and feature enhancements. Systems will be receiving updates over the next several days. Here is a...
MTP Guestbook 1.0 - Multiple XSS Vulnerabilities
No description provided by source. ?!-- MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Guestbook allows you to put a guestbook on your website. Your visitors can sign it and leave a...
Mtp-Target 1.2.2 Client Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13460/info A remote format string vulnerability affects Mtp-Target Client. This issue is due to a failure of the application to securely call a formatted printing function. An attacker may leverage this issue to execute...
MTP Image Gallery 1.0 (edit_photos.php, title param) - XSS Vulnerability
No description provided by source. ?!-- MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Image Gallery offers more control, better uploading and enhanced performance. With MTP Image...
Mtp-Target Server 1.2.2 Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13463/info The Mtp-Target server is prone to a memory corruption vulnerability. The issue exists because a comparison fails to ensure that an integer value parameter retrieved from a client is signed. A check is made to...
MTP Poll 1.0 - Multiple XSS Vulnerabilities
No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...
DEBIAN-CVE-2014-2282
The dissectprotocoldataparameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted SS7 MTP3 packet...
MTP Image Gallery 1.0 XSS Vulnerability
Exploit for php platform in category web applications MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input type=...
MTP Guestbook 1.0 - Multiple XSS Vulnerabilities
Exploit for php platform in category web applications MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / form method="POST" action="http://localhost/mtpguestbook/inse...
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="ins...