CVE-2012-3480

Multiple integer overflows in the 1 strtod, 2 strtof, 3 strtold, 4 strtodl, and other unspecified "related functions" in stdlib in GNU C Library aka glibc or libc6 2.16 allow local users to cause a denial of service application crash and possibly execute arbitrary code via a long string, which...

CVE-2012-0853

The decodeTonalComponents function in the Actrac3 codec atrac3.c in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service infinite loop...

CVE-2012-0815

The CVE-2012-0815 issue affects the RPM package manager prior to 4.9.1.3, specifically in lib/header.c (headerVerifyInfo) where a negative region offset in a package header is not properly handled in a numeric range comparison. This can lead to a denial of service (crash) and potentially arbitrar...

CVE-2012-1144

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via a crafted TrueType font...

CVE-2012-0851

The ffh264decodeseqparameterset function in h264ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via ...

CVE-2010-2498

The pshglyphfindstrongpoints function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a crafted font file that...

Talking about the failure of the word Trojan horse-vulnerability warning-the black bar safety net

Author: FoolishQiang the original address: A lot of friends in the database, or the configuration file inserted into the word, but can't connect. I summed up for three reasons. Reason one: the case of transition Case transition, this is a bit like DZ's that take shell's method, is that you of the...

MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)

No description provided by source. !/usr/bin/env python MS08-067 Exploit by Debasis Mohanty aka Tr0y/nopsled www.hackingspirits.com www.coffeeandsecurity.com Email: d3basis.m0hanty @ gmail.com import struct import sys from threading import Thread Thread is imported incase you would like to modify...

CVE-2006-6693

Multiple buffer overflows in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via long strings to the 1 zabbixlog and 2 zabbixsyslog functions...

CVE-2006-5748

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors that trigger memory...

CVE-2006-1723

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the...

CVE-2006-0301

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as 1 poppler, 2 kdegraphics, 3 gpdf, 4 pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed...

CVE-2003-1109

The Session Initiation Protocol SIP implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages...

CVE-2005-0687

Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service memory consumption and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header...

GLSA-200412-08 : nfs-utils: Multiple remote vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200412-08 nfs-utils: Multiple remote vulnerabilities Arjan van de Ven has discovered a buffer overflow on 64-bit architectures in 'rquotaserver.c' of nfs-utils CAN-2004-0946. A remotely exploitable flaw on all architectures also...

Apache < 2.0.44 MS-DOS Device Name DoS / Code Execution

Binary data 1497.prm...

CVE-2004-0733

Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call...

Subversion: Remote heap overflow

Background Subversion is a revision control system that aims to be a "compelling replacement for CVS". It enjoys wide use in the open source community. svnserve allows access to Subversion repositories using URIs with the svn://, svn+ssh://, and other tunelled svn+:// protocols. Description The s...

tcpdump contains vulnerability in RADIUS decoding function print_attr_string() in print-radius.c

Overview tcpdump contains a vulnerability in the way it parses Remote Authentication Dial In User Service RADIUS packets. Description tcpdump is a widely used network sniffer that is capable of decoding RADIUS packets. A vulnerability exists in the way the tcpdump printattrstring function in...

tcpdump contains vulnerability in ISAKMP decoding function rawprint() in print-isakmp.c

Overview tcpdump contains a vulnerability in the way it parses Internet Security Association and Key Management Protocol ISAKMP packets. Description tcpdump is a widely-used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way the tcpdump rawprint function...