6687 matches found
libX11: Multiple integer overflows leading to heap-based buffer-overflows
Multiple integer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XQueryFont, 2 XF86BigfontQueryFont, 3 XListFontsWithInfo, 4 XGetMotionEvents, 5 XListHosts, 6...
Updated perl-Email-Address packages fix security vulnerabilities
Updated perl-Email-Address package fixes security vulnerability: The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via an empty quoted string in an RFC 2822 address...
UBUNTU-CVE-2014-7187
Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...
PT-2018-10401 · Tinyxml2 +2 · Tinyxml2 +2
Name of the Vulnerable Software and Affected Versions: TinyXML2 version 6.2.0 Description: The issue is related to a heap-based buffer over-read in the XMLDocument::Parse function. However, the developers of TinyXML2 have determined that the reported issue is due to improper use of the library an...
UBUNTU-CVE-2014-5471
Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service uncontrolled recursion, and system crash or reboot via a crafted iso9660 image with a CL entry referring to a directory...
glibc - NUL Byte gconv_translit_find Off-by-One
glibc - NUL Byte gconvtranslitfind Off-by-One // // Full Exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/34421.tar.gz CVE-2014-5119.tar.gz // // // --------------------------------------------------- // CVE-2014-5119 glibc gconvtranslitfind exploit //...
libvirt: unsafe parsing of XML documents allows libvirt DoS and/or arbitrary file read
It was found that libvirt passes the XMLPARSENOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a file could use this flaw to read t...
CVE-2014-0477
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via an empty quoted string in an RFC 2822 address...
BugHunter HTTP Server 1.6.2 Parse Error Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24566/info BugHunter HTTP Server is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. Information obtained may lead to further attacks. This issu...
freebsd 4.2-stable ftpd glob() Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious users. During parsing...
KDE 3.5 (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit
No description provided by source. !-- KDE 3.5 | libkhtml = 4.2.0 / Unhandled HTML Parse Exception ============================================================ Tested with Konqueror 3.5.2 and kmail 1.9.1 Federico L. Bossi Bonin [email protected] www.globalst.com.ar Program received signal...
WEB//NEWS <= 1.4 (parser.php) Remote File Include Vulnerability
No description provided by source. ============================================================================================== webnews = v1.4 WNBASEDIR Remote File Inclusion Exploit =============================================================================================== Critical Level :...
MyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24571/info MyServer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects MyServer 0.8.9; other versio...
deV!Lz Clanportal [DZCP] <= 1.3.6 - Arbitrary File Upload Vulnerability
No description provided by source. S Y N O P S I S / =================' - access: remote severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code and execute it,...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
No description provided by source. !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filenam...
Microsoft Internet Explorer 5/6 MSXML XML File Parsing Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7938/info A vulnerability has been reported for the Microsoft Internet Explorer that may result in cross-site scripting attacks. If IE, using the MSXML parser, is unable to parse the requested XML file, it will display a...
WvTFTPd 0.9 - Remote Root Heap Overflow Exploit
No description provided by source. / wvtftp option name heap overflow remote root exploit infamous42md AT hotpop DOT com exploitation is not exactly straight forward. When we overflow our buffer, we overwrite a pointer that is freed before we get to trigger our overwrite. so we have to restore th...
CVE-2013-1397
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
Design/Logic Flaw
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x remote attackers to execute arbitrary PHP code via a serialized PHP object to the 1 Yaml::parse or 2 Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
Design/Logic Flaw
The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397...