DEBIAN-CVE-2011-1138

Off-by-one error in the dissect6lowpaniphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service application crash via a malformed 6LoWPAN IPv6 packet...

CVE-2011-1138

Off-by-one error in the dissect6lowpaniphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service application crash via a malformed 6LoWPAN IPv6 packet...

Anonymous Press Release for Journalists !

Anonymous Press Release for Journalists ! Today Anonymous Hackers Release a new Press Note for all those Journalists, who writing a story, and have come to their website to do research, or pull a quote. AnonNews uses an open-posting concept. Anyone can post to the site, and moderators will approv...

Mandriva Linux Security Advisory : openoffice.org (MDVSA-2011:027)

Multiple vulnerabilities were discovered and corrected in OpenOffice.org : Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files via a .. dot dot in an entry in an XSLT JAR filter description file, an Extension aka OXT file, or unspecified other JAR or Z...

Kunena SQL Injection Vulnerability & Information Leakage

Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...

Kunena < 1.5.13, < 1.6.3 SQL Injection Vulnerability

Exploit for php platform in category web applications Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done...

Kunena &lt; 1.5.13 / &lt; 1.6.3 - SQL Injection

Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...

Welcome to the Zoo

Everybody knows the Twitter Fail Whale, but Twitter’s hardly the only flaky Web service out there, and the Fail Whale is just one creature in a whole Fail menagerie that’s sprung up in recent years to soothe hacked off Web users. Check out Threatpost’s Fail Zoo: a collection of the strangest fail...

CVE-2010-3454

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

CVE-2010-3454

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

CVE-2010-3454

OpenOffice.org/OpenOffice.org2/3.x before 3.3 is affected by multiple off-by-one and out-of-bounds write flaws in WW8DopTypography::ReadFromMem (OOo), triggered by crafted Word .DOC typography data. This can cause denial of service or arbitrary code execution. Remediation: apply the patched/OpenO...

OpenOffice.org: Array index error by scanning document typography information of certain *.doc files

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

OpenOffice.org: Array index error by scanning document typography information of certain *.doc files

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution

Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin...

ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)

This module exploits a stack-based buffer overflow in versions 1.2 through 1.3.0 of ProFTPD server. The vulnerability is within the "sreplace" function within the "src/support.c" file. The off-by-one heap overflow bug in the ProFTPD sreplace function has been discovered about 2 two years ago by...

Ubuntu: Security Advisory (USN-1031-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for clamav vulnerabilities USN-1031-1

Ubuntu Update for Linux kernel vulnerabilities USN-1031-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10311.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for clamav vulnerabilities USN-1031-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

DEBIAN-CVE-2010-4261

Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...

Memory corruption

Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...

PT-2010-5383 · Cisco · Clamav

Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.96.5 Description: The issue is related to an off-by-one error in the icon cb function in pe icons.c in libclamav. This error can be exploited by remote attackers to cause a denial of service, resulting in memory...