Out of bounds read while decoding JPG images — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a fixed offset out of bounds read issue while decoding specifically formatted JPG format images. This causes a non-exploitable crash...

Qemu: qcow2: NULL dereference in qcow2_open() error path

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

Qemu: qcow2: NULL dereference in qcow2_open() error path

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

Qemu: qcow2: NULL dereference in qcow2_open() error path

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

PT-2018-2960 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 3.10.x Description: The issue is related to a flaw in the Linux kernel that allows userspace to call functions like memcpy fromiovecend with a zero offset and buffer length, causing a read beyond buffer boundaries. This c...

Yokogawa CENTUM CS3000 'BKHOdeq.exe'栈缓冲区溢出漏洞

Bugtraq ID:66111 Yokogawa CENTUM CS3000是一款生产控制系统。 Yokogawa CENTUM CS3000 'BKHOdeq.exe'处理特制报文时存在一个基于栈的缓冲区溢出，允许攻击者利用漏洞提交特殊的请求可使应用程序崩溃或执行任意代码。 0 Yokogawa CENTUM CS 3000 R3.08.50 厂商补丁： Yokogawa ----- 用户可联系厂商获得相应的升级或补丁程序： http://www.yokogawa.com This module requires Metasploit:...

USN-2123-1: file vulnerabilities

It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. CVE-2012-1571 Bernd Melchers discovered that file incorrectly handle...

DEBIAN-CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

Double free

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

Sub Encoder (optimised)

Encodes a payload using a series of SUB instructions and writing the encoded value to ESP. This concept is based on the known SUB encoding approach that is widely used to manually encode payloads with very restricted allowed character sets. It will not reset EAX to zero unless absolutely necessar...

file -- denial of service

The Fine Free file project reports: file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

CVE-2013-6267

Multiple cross-site scripting XSS vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web script or HTML via the 1 box parameter to messaging/messagebox.php, cidToEdit parameter to 2 adminregisteruser.php or 3 adminusercoursesettings.php in admin/, 4 moduleid...

xorg-x11-server security and bug fix update

1.13.0-23 - Fix root window damage reports when Xinerama is active 919165 1.13.0-22 - Fix Xephyr crashes in 8 and 16 bit mode 1018405 1.13.0-21 - Fix Damage reports when Xinerama is active 919165 1.13.0-20 - Fix broken Xorg -configure 1016854 - CVE-2013-1940: Fix xf86FlushInput to drain evdev...

Windows Gather Prefetch File Information

This module gathers prefetch file information from WinXP, Win2k3 and Win7 systems and current values of related registry keys. From each prefetch file we'll collect filetime converted to utc of the last execution, file path hash, run count, filename and the execution path. This module requires...

Sami FTP 2.0.1 MKD Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Sami FTP MKD buffer overflow SEH + Bypass ASL Date: 11 Agosto 2013 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Vendor Homepage: http://www.karjasoft.com/old.php Version: Sami FTP...

Fedora 19 : fdupes-1.51-1.fc19 (2013-13176)

Upstream - Added support for 64-bit file offsets on 32-bit systems. - Using tty for interactive input instead of regular stdin. This is to allow feeding filenames via stdin in future versions of fdupes without breaking interactive deletion feature. - Fixed some typos in --help. - Turned C++ style...

Fedora 18 : fdupes-1.51-1.fc18 (2013-13166)

Upstream - Added support for 64-bit file offsets on 32-bit systems. - Using tty for interactive input instead of regular stdin. This is to allow feeding filenames via stdin in future versions of fdupes without breaking interactive deletion feature. - Fixed some typos in --help. - Turned C++ style...