CVE-2008-4116

CVE-2008-4116 concerns Apple QuickTime 7.5.5 and iTunes 8.0. The vulnerability is a heap-based buffer overflow triggered by a long type attribute in a QuickTime tag (on a web page or embedded in .mp4/.mov), related to an off-by-one error and potentially associated with Check_stack_cookie. Consequ...

Debian: Security Advisory (DSA-1635-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1635-1 (freetype)

The remote host is missing an update to freetype announced via advisory DSA 1635-1. OpenVAS Vulnerability Test $Id: deb16351.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1635-1 freetype Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVE-2008-3964

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a PNG image with crafted zTXt chunks, related to 1 the pngpushreadzTXt function in pngread.c, and possibl...

CVE-2008-3964

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a PNG image with crafted zTXt chunks, related to 1 the pngpushreadzTXt function in pngread.c, and possibl...

Debian DSA-1635-1 : freetype - multiple vulnerabilities

Several local vulnerabilities have been discovered in freetype, a FreeType 2 font engine, which could allow the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1806 An integer overflow allows context-dependent attackers ...

CVE-2008-3964

CVE-2008-3964 affects libpng, where multiple off-by-one errors in png_push_read_zTXt (in pngread.c) can crash or cause other impact when processing crafted PNGs. Affected are libpng before 1.2.32beta01 and 1.4 before 1.4.0beta34. Consequence is a denial of service (crash) and unspecified other im...

CVE-2008-3964

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a PNG image with crafted zTXt chunks, related to 1 the pngpushreadzTXt function in pngread.c, and possibl...

FreeBSD Ports: freeradius

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Security Advisory (FreeBSD-SA-08:02.libc.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

yourownbux-sql.txt

YourOwnBux 3.1, 3.2 Beta Remote SQL Injection Vulnerability Author: !DoktOR! Date found: 28.08.08 Product: YourOwnBux Version: 3.1, 3.2 Price: $39.99 DEMO: yourownbux.com/demos/ Vulnerability Class: SQL Injection Condition: magicquotesgpc = Off 3.2 Beta version Exploit:...

ifdate-sql.txt

iFdate = 2.0.3 SQL Injection Vulnerability Author: !DoktOR! Date found: 26.08.08 Product: iFdate Version: 2.0.3 Price: $140 Download script: http://depositfiles.com/ru/files/537317 Vulnerability Class: SQL Injection Condition: magicquotesgpc = Off http://localhost/installdir/memberssearch.php nee...

iFdate 2.0.3 - SQL Injection

iFdate = 2.0.3 SQL Injection Vulnerability Author: !DoktOR! Date found: 26.08.08 Product: iFdate Version: 2.0.3 Price: $140 Download script: http://depositfiles.com/ru/files/537317 Vulnerability Class: SQL Injection Condition: magicquotesgpc = Off http://localhost/installdir/memberssearch.php nee...

iFdate 2.0.3 - SQL Injection

iFdate 2.0.3 - SQL Injection iFdate = 2.0.3 SQL Injection Vulnerability Author: !DoktOR! Date found: 26.08.08 Product: iFdate Version: 2.0.3 Price: $140 Download script: http://depositfiles.com/ru/files/537317 Vulnerability Class: SQL Injection Condition: magicquotesgpc = Off...

python off-by-one locale.strxfrm() (possible memory disclosure)

Off-by-one error in the PyLocalestrxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...

CVE-2008-3535

CVE-2008-3535 is an off-by-one error in the iov_iter_advance function of Linux kernel mm/filemap.c, addressed by multiple advisories. Public disclosures in Debian/Ubuntu indicate this allows local attackers to crash the system (denial of service) via certain sequences of readv/writev/file operati...

Integer overflow

Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...

CVE-2008-3144

Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Web Wiz Forum 9.5 allows remote attackers to log out a user via a link or IMG tag to logoffuser.asp...

youtubeblog-rfisqlxss.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: YouTube Blog 0.1 Multiple Remote...