Lucene search
K

126 matches found

0day.today
0day.today
added 2013/12/17 12:0 a.m.209 views

PHP openssl_x509_parse() Memory Corruption Vulnerability

Exploit for php platform in category dos / poc Overview: Quote from http://www.php.net "PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML." The PHP function opensslx509parse uses a helper function called...

7.5CVSS0.2AI score0.35635EPSS
Exploits8
OpenVAS
OpenVAS
added 2013/10/29 12:0 a.m.42 views

CentOS Update for java CESA-2013:1447 centos5

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2013:1447 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS0.7AI score0.24738EPSS
Exploits0References2
Amazon
Amazon
added 2013/10/23 12:0 a.m.261 views

Critical: java-1.7.0-openjdk

Issue Overview: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual...

10CVSS9AI score0.24738EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/10/15 12:0 a.m.13 views

Fedora 20 : fedmsg-0.7.1-2.fc20 (2013-17923)

Latest upstream. Bugfix to broken CRL serial parsing code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.26 views

Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)

Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb25951.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2595-1 using nvtgen 1.0 Script version: 1.0...

6.8CVSS0.4AI score0.07486EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2013/05/30 12:0 a.m.26 views

Adobe Reader U3D Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader 10.1.4 on OSX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsi...

7.5CVSS5.7AI score0.05403EPSS
Exploits0References1
OSV
OSV
added 2012/12/30 12:0 a.m.14 views

DSA-2595-1 ghostscript - buffer overflow

Bulletin has no description...

6.8CVSS6.3AI score0.07486EPSS
Exploits0
Debian
Debian
added 2012/08/23 10:51 a.m.37 views

[BSA 076] Security update for libreoffice

Rene Engelhard uploaded new packages for libreoffice which fixed the following security problems: CVE-2012-1149 multiple heap-based buffer overflows in OpenOffice.orgs XML manifest encryption tag parsing code For the squeeze-backports distribution the problems have been fixed in version...

7.5CVSS3.7AI score0.13734EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/10/14 12:0 a.m.19 views

FreeBSD : openoffice -- arbitrary command execution vulnerability (e595e170-6771-11dc-8be8-02e0185f8d72)

iDefense reports : Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. These vulnerabilities exist within the TIFF parsing code of the OpenOffice suite. When...

9.3CVSS6.3AI score0.1132EPSS
Exploits0References3
seebug.org
seebug.org
added 2011/06/25 12:0 a.m.27 views

DEC Alpha Linux <= 3.0 Local Root Exploit

No description provided by source. / DEC Alpha Linux = 3.0 local root exploit by Dan Rosenberg @djrbliss Usage: $ gcc alpha-omega.c -o alpha-omega $ ./alpha-omega Notes: -Payload specific to = 2.6.28 no cred struct, modify as needed -Socket trigger tested on 2.6.28 adjust offset as needed -INETDI...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/11 5:45 p.m.17 views

Microsoft Patches Worm Holes in Mail Server, Visual Basic for Apps

Microsoft today issued patches for a pair of critical remote code execution vulnerabilities in Windows and Microsoft Office and urged affected users to apply the fixes as soon as possible. The most serious issue, addressed in the MS10-030 bulletin, affects Outlook Express, Windows Mail and Window...

0.9AI score
Exploits0References4
OpenVAS
OpenVAS
added 2009/01/28 12:0 a.m.30 views

SuSE Update for OpenOffice_org SUSE-SA:2007:052

Check for the Version of OpenOfficeorg OpenVAS Vulnerability Test $Id: gbsuse2007052.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for OpenOfficeorg SUSE-SA:2007:052 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is...

9.3CVSS6.3AI score0.1132EPSS
Exploits0References1
securityvulns
securityvulns
added 2008/07/10 12:0 a.m.92 views

iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability

iDefense Security Advisory 07.08.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 08, 2008 I. BACKGROUND SQL Server is Microsoft's database server product. It supports the restoration and inspection of backups via SQL statements. For more information see the vendor's website found at...

9CVSS0.5AI score0.34539EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/06/24 12:0 a.m.20 views

Debian DSA-1598-1 : libtk-img - buffer overflow

It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

6.8CVSS8.9AI score0.04246EPSS
Exploits1References2
Prion
Prion
added 2008/02/06 9:0 p.m.15 views

Design/Logic Flaw

Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code...

6.8CVSS8.1AI score0.03881EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2008/02/06 8:0 p.m.28 views

CVE-2008-0630

Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code...

6.8CVSS7.6AI score0.03881EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian Security Advisory DSA 290-1 (sendmail-wide)

The remote host is missing an update to sendmail-wide announced via advisory DSA 290-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.6AI score0.38188EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.30 views

openSUSE 10 Security Update : mutt (mutt-1701)

Mutt had a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability CVE-2006-3242. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mutt-1701. The text...

7.5CVSS5.8AI score0.05889EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.39 views

openSUSE 10 Security Update : freetype2 (freetype2-3066)

This update of freetype2 fixes an integer overflow in the BDF font parsing code. This bug can be exploited only with user assistance to potentially execute arbitrary code. CVE-2007-1351 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

8.5CVSS8.7AI score0.05586EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/09/24 12:0 a.m.20 views

Debian DSA-1375-1 : openoffice.org - buffer overflow

A heap overflow vulnerability has been discovered in the TIFF parsing code of the OpenOffice.org suite. The parser uses untrusted values from the TIFF file to calculate the number of bytes of memory to allocate. A specially crafted TIFF image could trigger an integer overflow and subsequently a...

9.3CVSS6.1AI score0.1132EPSS
Exploits0References2
Rows per page
Query Builder