379 matches found
Moderate: Red Hat Security Advisory: gimp security update
Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP GNU Image Manipulation Program is an image composition and editing program. Marsu discovere...
Stack overflow in gimp's sunras plugin
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
gimp2214-overflow.txt
/ :: Kristian Hermansen :: Date: 20070509 Description: Gimp 2.2.14 RAS vuln, thanks to Marsu. This one is universal download and exec using call esp in libgimpcolor-2.0-0.dll. Vulnerable: Gimp 2.2.14 Tested: Gimp 2.2.14 on Windows Vista, XP, 2000 Compile: gcc -o netsniper-gimpu netsniper-gimpu.c...
GLSA-200705-08 : GIMP: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200705-08 GIMP: Buffer overflow Marsu discovered that the 'setcolortable' function in the SUNRAS plugin is vulnerable to a stack-based buffer overflow. Impact : An attacker could entice a user to open a specially crafted .RAS file...
Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit (win32)
Exploit for unknown platform in category local exploits ====================================================================== Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit win32 ====================================================================== / :: Kristian Hermansen :: Dat...
GIMP buffer overflow
Buffer overflow in SUNRAS plugin on RAS files parsing...
CVE-2007-2356
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
CVE-2007-2356
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
Stack overflow
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
DEBIAN-CVE-2007-2356
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
CVE-2007-2356
Stack-based buffer overflow in the setcolortable function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file...
Gimp SUNRAS插件set_color_table()缓冲区溢出漏洞
GIMP是GNU Image Manipulation Program(GNU图像处理程序)的缩写,是一款跨平台的图像处理软件。 GIMP的SUNRAS插件处理还有畸形数据的RAS文件时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 SUNRAS插件中setcolortable函数中存在栈溢出漏洞,plug-ins/common/sunras.c文件中漏洞代码如下: int ncols, j; guchar ColorMap2563; ncols = sunhdr-lrasmaplength / 3; if ncols = 0 return; for j = 0; j...
CVE-2002-0366
CVE-2002-0366 describes a buffer overflow in the Windows RAS phonebook service that allows a local user to execute arbitrary code with LocalSystem privileges by crafting a long dial-up entry in rasphone.pbk. Affected products include Windows NT 4.0 (and Terminal Server Edition), Windows 2000, Win...
3com RAS 1500 / Wyse Winterm Malformed Packet Remote DoS
It was possible to crash the remote host by sending a specially crafted IP packet with a null length for IP option 0xE4 An attacker may use this flaw to prevent the remote host from accomplishing its job properly. C Tenable Network Security, Inc. THIS SCRIPT WAS NOT TESTED ! will only work with...
3Com SuperStack II RAS 1500 - Unauthorized Access
3Com SuperStack II RAS 1500 - Unauthorized Access source: https://www.securityfocus.com/bid/7176/info A vulnerability has been reported in 3Com RAS 1500 router that may allow attackers to access sensitive data. Specifically, RAS 1500 devices fail to carry out authentication when requests are made...
3Com SuperStack II RAS 1500 - Unauthorized Access
source: https://www.securityfocus.com/bid/7176/info A vulnerability has been reported in 3Com RAS 1500 router that may allow attackers to access sensitive data. Specifically, RAS 1500 devices fail to carry out authentication when requests are made for various files that may contain sensitive...
3Com SuperStack II RAS 1500 - IP Header Denial of Service
// source: https://www.securityfocus.com/bid/7175/info vulnerability has been reported in the 3Com SuperStack II RAS 1500 router. The problem occurs when processing network packets containing malicious IP headers. When received, the packet may cause the router to crash. / 3com superstack II RAS...
3com RAS 1500 Remote vulnerabilities.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: 3com RAS 1500 Remote vulnerabilities. Product: 3C433279A-US http://www.3com/ras1500 Version: Firmware X2.0.10 URL: http://isec.pl/vulnerabilities/isec-0009-3com-ras.txt Author: Piotr Chytla [email protected] Date: February 27, 2003 Issue: - ------...
Multiple bugs in 3COM RAS 1500
Invalid IP options DoS, Web interface unauthorized access...
3Com SuperStack II RAS 1500 - IP Header Denial of Service
3Com SuperStack II RAS 1500 - IP Header Denial of Service // source: https://www.securityfocus.com/bid/7175/info vulnerability has been reported in the 3Com SuperStack II RAS 1500 router. The problem occurs when processing network packets containing malicious IP headers. When received, the packet...