Mageia: Security Advisory (MGASA-2020-0294)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

libpodofo.so is vulnerable to denial of service DoS. The vulnerability exists because the function setSource in pdftranslator.cpp does not block the malicious PDF sent by the attacker, triggering a NULL pointer dereference and generating a SEGV signal...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows...

DEBIAN-CVE-2019-9199

PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...

UBUNTU-CVE-2019-9199

PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...

Null pointer dereference

PoDoFo::Impose::PdfTranslator::setSource in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can for example be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified...

CVE-2019-9199

PoDoFo 0.9.6 contains a NULL pointer dereference in PoDoFo::Impose::PdfTranslator::setSource() (pdftranslator.cpp) that can be triggered by a crafted PDF via podofoimpose, leading to Denial of Service (segmentation fault) and potential other impact. The issue has been fixed in PoDoFo 0.9.7, as no...

PT-2019-19432 · Podofo +2 · Podofo +2

Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.6 Description: The issue is related to a NULL pointer dereference in the setSource function, which can be triggered by sending a crafted PDF file. This can cause a Denial of Service Segmentation fault or possibly have other...

Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability

No description provided by source. !-- Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability when viewing the device web interface it asks to install an ActiveX control with the following settings: ProductName: Player...

Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...

Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Cisco Linksys PlayerPT - ActiveX Control SetSource sURL argument Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...

Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...

Cisco Linksys PlayerPT ActiveX Control SetSource() Multiple Overflows

The Cisco Linksys PlayerPT ActiveX Control is installed on the remote Windows host. The installed version of the control is affected by the following buffer overflow vulnerabilities in the SetSource method : - The 'base64string' argument is not properly sanitized. EBD-ID 18641 - The 'sURL' argume...

Stack overflow

Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument aka the sURL argument...

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability

!-- Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability when viewing the device web interface it asks to install an ActiveX control with the following settings: ProductName: PlayerPT ActiveX Control Module File...

Cisco PlayerPT ActiveX buffer overflow

Buffer overflow in SetSource method...

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Buffer Overflow

Exploit for windows platform in category dos / poc ; msvcrt.sprintf 03238246 52 push edx 03238247 8D8C24 EC020000 lea ecx,dword ptr ss:esp+2EC 0323824E 68 48612603 push PlayerPT.03266148 ; ASCII "%s" 03238253 51 push ecx 03238254 FFD7 call edi --------------...

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow (PoC)

; msvcrt.sprintf 03238246 52 push edx 03238247 8D8C24 EC020000 lea ecx,dword ptr ss:esp+2EC 0323824E 68 48612603 push PlayerPT.03266148 ; ASCII "%s" 03238253 51 push ecx 03238254 FFD7 call edi !-- saved fro...