126 matches found
Information disclosure
VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files...
CVE-2014-9579
CVE-2014-9579 affects VDG Security SENSE (formerly DIVA) 2.3.13. The vulnerability is an information disclosure where administrator credentials are stored in cleartext and can be obtained by reading the plugin configuration files. The issue stems from storing sensitive credentials in an insecure ...
Design/Logic Flaw
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail...
Cross-site request forgery (CSRF)
The Java servlets in the management console in IBM Tivoli Federated Identity Manager (TFIM) through 6.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) before 6.2.2 do not require authentication for all resource downloads, which allows remote attackers to bypass intended J2EE securi...
CVE-2012-3315
The Java servlets in the management console in IBM Tivoli Federated Identity Manager (TFIM) through 6.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) before 6.2.2 do not require authentication for all resource downloads, which allows remote attackers to bypass intended J2EE securi...
CVE-2012-2351
The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal username...
Debian DSA-2426-1 : gimp - several vulnerabilities
Several vulnerabilities have been identified in GIMP, the GNU Image Manipulation Program. - CVE-2010-4540 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the 'LIGHTING EFFECTS > LIGHT' plugin allows user-assisted remote attackers to cause a...
DSA-2426-1 gimp - several
Bulletin has no description...
Gimp: Stack-based buffer overflow in Lighting plug-in
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field...
Gimp: Stack-based buffer overflow in SphereDesigner plug-in
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a...
Gimp: Stack-based buffer overflow in Gfig plug-in
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin...
Mandriva Linux Security Advisory : gimp (MDVSA-2011:103)
Multiple vulnerabilities were discovered and fixed in gimp : Stack-based buffer overflow in the 'LIGHTING EFFECTS > LIGHT' plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plug...
DEBIAN-CVE-2010-4541
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a...
DEBIAN-CVE-2010-4542
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin...
Stack overflow
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin...
CVE-2010-4541
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a...
CVE-2010-4540
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field...
CVE-2010-4542
The CVE-2010-4542 issue affects GIMP 2.6.11’s GFIG plugin (gfig-style.c) and its gfig_read_parameter_gimp_rgb function. It is a stack-based buffer overflow triggered by a long Foreground field in a plugin configuration file, allowing user-assisted remote denial of service or potential arbitrary c...