117 matches found
Mozilla Firefox 14.01 Denial Of Service
Description: Mozilla Firefox is prone to a memory exhaustion vulnerability. The issue has been tested on Firefox 14.01; prior versions may also be affected. mozalloc.cpp, line 184: moz_xposix_memalign(void **ptr, size_t alignment, size_t size) { int err = posix_memalign(ptr, alignment, size); if (UNLIKELY(err &...
DomsHttpd 1.0 - Remote Denial of Service
#!/usr/bin/perl DomsHttpd 1.0 Usage: domshttpd.pl host port use strict; use warnings; use IO::Socket; my $host = shift || "localhost"; my $port = shift || 88; my $sock = IO::Socket::INET->new(Proto => "tcp", PeerAddr => $host, PeerPort => $port); my $junk = "A"x3047; print $sock "POST /...
WaveSurfer 1.8.8p4 <= Memory Corruption PoC
Exploit for Windows platform in category dos / poc. #!/usr/bin/perl WaveSurfer 1.8.8p4 This script creates a crafted WAV file which leads the application to crash (DoS). my $crafted = "\x52\x49\x46\x46\x20\x12\x01\x00\x57\x41\x56\x45\x66\x6D\x74\x20"...
BookNux 0.2 <= Multiple Vulnerabilities
BookNux 0.2 <= Multiple Vulnerabilities Discovered by: Jean Pascal Pereira Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...
BookNux 0.2 Cross Site Scripting / SQL Injection
BookNux 0.2 Vendor information: "This is an online bookmark manager. It's allow several user, share bookmark private or public. It's use php and mysql." Vendor URI: http://developer.berlios.de/projects/booknux/ Issues: SQL Injection, Cross Site Scripting Risk-level: High...
plow 0.0.5 <= Buffer Overflow Vulnerability
plow 0.0.5 <= Buffer Overflow Vulnerability Discovered by: Jean Pascal Pereira Vendor information: "plow is a command line playlist generator." Vendor URI: http://developer.berlios.de/projects/plow/ Risk-level: Medium The application is prone to a local buffer overflow...
Plow 0.0.5 Buffer Overflow
plow 0.0.5 Vendor information: "plow is a command line playlist generator." Vendor URI: http://developer.berlios.de/projects/plow/ Risk-level: Medium The application is prone to a local buffer overflow vulnerability. ------------------------------------- IniParser.cpp, line 26: 26: char...
Linux/x86 - execve(/bin/sh) Shellcode (28 bytes)
Linux/x86 - execve(/bin/sh) Shellcode (28 bytes). Shellcode exploit for Linux/x86 platform. Title: Linux x86 execve("/bin/sh") - 28 bytes Author: Jean Pascal Pereira Web: http://0xffe4.org Disassembly of section .text: 08048060 : 8048060: 31 c0 xor %eax,%eax 8048062: 50 push %eax 8048063: 68 2f 2f 73 6...
CVE-2007-2998
The Pascal run-time library PAS$RTL.EXE before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code...
Code injection
The Pascal run-time library PAS$RTL.EXE before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code...
CVE-2007-2998
CVE-2007-2998 affects the Pascal run-time library PAS$RTL.EXE on OpenVMS: OpenVMS for Integrity Servers 8.3 (before 20070418) and OpenVMS Alpha 8.3 (before 20070419). The issue is that PAS$RTL.EXE does not properly restore PC and PSL values, which enables local users to trigger a denial of servic...
Ubuntu 4.10 / 5.04 / 5.10 : flex vulnerability (USN-260-1)
Chris Moore discovered a buffer overflow in a particular class of lexicographical scanners generated by flex. This could be exploited to execute arbitrary code by processing specially crafted user-defined input to an application that uses a flex scanner for parsing. This flaw particularly affects...
USN-260-1: flex vulnerability
Chris Moore discovered a buffer overflow in a particular class of lexicographical scanners generated by flex. This could be exploited to execute arbitrary code by processing specially crafted user-defined input to an application that uses a flex scanner for parsing. This flaw particularly affects...
CVE-2005-2753
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string...
[SA16422] Bloodshed Dev-Pascal NULL Character File Display Weakness