1102 matches found
[ MDKSA-2007:021 ] - Updated xpdf packages fix crafted pdf file vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:021 http://www.mandriva.com/security/ Package : xpdf Date : January 18, 2007 Affected: 2007.0, Corporate 3.0, Corporate 4.0 Problem Description: The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1...
[ MDKSA-2007:019 ] - Updated pdftohtml packages fix crafted pdf file vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:019 http://www.mandriva.com/security/ Package : pdftohtml Date : January 18, 2007 Affected: 2006.0, 2007.0 Problem Description: The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in...
Memory corruption
The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service infinite loop, arbitrary code execution, or memory corruption, via a PDF file with a 1 crafted catalog dictionary or 2 a crafted...
CVE-2007-0103
CVE-2007-0103 concerns the Adobe PDF specification 1.3 as implemented by Adobe Acrobat prior to 8.0.0. A remote attacker can abuse a PDF file with a crafted catalog dictionary or a crafted Pages attribute referencing an invalid page tree node, potentially triggering denial of service (infinite lo...
PHP-Update 2.7 - extract() Authentication Bypass Shell Injection
PHP-Update 2.7 - extract Authentication Bypass Shell Injection 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont+...
Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit
No description provided by source. ?php printr' -------------------------------------------------------------------------------- Woltlab Burning Board Lite 1.0.2 decodecookie sql injection exploit by rgod [email protected] site: http://retrogod.altervista.org dork: "Powered by Burning Board Lite...
exV2 < 2.0.4.3 - 'sort' SQL Injection
!/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs and if 'messages' module is enabled / if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord...
DMA-2006-0112a.txt
DMA2006-0112a - 'Toshiba Bluetooth Stack Directory Transversal' Author: Kevin Finisterre Vendor: http://www.toshiba-tro.de/ Product: 'Toshiba Bluetooth Stack =v4.00.23T' References: http://www.digitalmunition.com/DMA2006-0112a.txt Description: Toshiba was one of the first companies to provide a...
Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability
Description The PKINIT implementation in Microsoft Windows is susceptible to a man in the middle vulnerability. This issue is due to a failure of the software to properly validate network data. This issue is only exploitable by attackers that have access to valid logon credentials. Attackers...
Bluetooth SIG Denial of Service vulnerability
The next D.o.S. can be reproduced "at home", with a simple laptop. A bluettoth enabled PDA can reach same results. 1 D.o.S. to the bluetooth device Many bluetooth device communications can be totally inhibited simply by sending a ping-flood to the device from a linux laptop with bluetooth...
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: th...
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: th...
CVE-2005-0174
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...
CVE-2005-0174
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...
CVE-2005-0174
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including 1 multiple Content-Length headers, 2 carriage return CR characters that are not part of a CRLF pair, and 3 header names containing...
DEBIAN-CVE-2004-2714
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability...
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: th...
Lotus Notes URI command line modification
notes: URI allows to execute notes.exe with any arguments, for example to cpecify .ini file location...
Дырка в gtk+ (GTK_MODULES)
Пользователь может указать расположение библиотек через переменную GTKMODULES...
sysback makes call to hostname without a fully qualified path specification
Overview sysback , shipped with AIX systems, allows local users to gain root access because of a failure to use a fully qualified path for a call to hostname. Description sysback includes a call to hostname but does not include a full path specification. Because sysback is set uid root, intruders...