192 matches found
DEBIAN-CVE-2008-1289
Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote...
CVE-2008-0295
Heap-based buffer overflow in modules/access/rtsp/realsdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service crash or execute arbitrary code via long Session Description Protocol SDP data...
CVE-2008-0295
Heap-based buffer overflow in modules/access/rtsp/realsdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service crash or execute arbitrary code via long Session Description Protocol SDP data...
MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)
Exploit for unknown platform in category remote exploits ====================================================================== MS Internet Explorer MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16...
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
Microsoft Internet Explorer 7 - Arbitrary File Rewrite MS07-027 MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit" target.SessionAuthor="Andr...
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit" target.SessionAuthor="Andres Tarasco Acuna" target.SessionEmailContact="atarascoatgmail.co...
DEBIAN-CVE-2007-2293
Multiple stack-based buffer overflows in the processsdp function in chansip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long 1 T38FaxRateManagement or 2 T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP...
DEBIAN-CVE-2007-1804
PulseAudio 0.9.5 allows remote attackers to cause a denial of service daemon crash via 1 a PAPSTREAMDESCRIPTORLENGTH value of FRAMESIZEMAXALLOW sent on TCP port 9875, which triggers a p-export assertion failure in doread; 2 a PAPSTREAMDESCRIPTORLENGTH value of 0 sent on TCP port 9875, which...
DEBIAN-CVE-2007-1561
The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service crash via a SIP INVITE message with an SDP containing one valid and one invalid IP address...
Security Best Practice: MGCP Protocol Enforcement
MGCP is an implementation of the Media Gateway Control Protocol architecture1 for controlling Media Gateways on Internet Protocol IP networks and the public switched telephone network PSTN.MGCP is a signaling and call control protocol used within Voice over IP VoIP systems that typically...
Format string
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...