129 matches found
CVE-2010-4541
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long "Number of lights" field in a...
CVE-2010-4542
The CVE-2010-4542 issue affects GIMP 2.6.11’s GFIG plugin (gfig-style.c) and its gfig_read_parameter_gimp_rgb function. It is a stack-based buffer overflow triggered by a long Foreground field in a plugin configuration file, allowing user-assisted remote denial of service or potential arbitrary c...
CVE-2010-4540
Stack-based buffer overflow in the loadpresetresponse function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field...
CVE-2010-4542
Stack-based buffer overflow in the gfigreadparametergimprgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Foreground field in a plugin...
Fedora 13 : xinha-0.96.1-2.fc13 (2010-9320)
Name: CVE-2010-1916 URL: https://vulners.com/cve/CVE-2009-1916 Assigned: 20100511 Reference: MISC: http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiw yg-editor-plugin-configuration-injection-vulnerability/index.html Reference: MISC:...
migascms "Xinha" Plugin Configuration Injection Vulnerability
Exploit for php platform in category web applications ============================================================= migascms "Xinha" Plugin Configuration Injection Vulnerability =============================================================...
CVE-2010-1916
Removed by vendor...
CVE-2010-1916
The CVE-2010-1916 entry affects the Xinha WYSIWYG editor (0.96 Beta 2 and earlier) used in Serendipity 1.5.2 and older. The vulnerability arises in the dynamic configuration feature, where (1) backend_config_secret_key_location and backend_config_hash (used in a SHA1 hash of a shared secret that ...
DEBIAN-CVE-2009-2334
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as...