552 matches found
CVE-2006-2193
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character i...
CVE-2005-4713
Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not...
Fedora Core 3 : perl-5.8.5-22.FC3 (2005-1145)
o Updated upstream fix for sprintf integer overflow vulnerabilities CVE-2005-3962 and CVE-2005-3912, including new Sys::Syslog 0.08 o Updated fix for bug 136009 / MakeMaker LD_RUN_PATH issue: restore previous default Red Hat behavior of removing the MakeMaker generated LD_RUN_PATH setting from the li...
Perl programs providing user-controlled I/O format strings may contain format string vulnerabilities
Overview: Programs written in Perl may contain many of the same types of format string vulnerabilities as programs written in C. Description: Perl is a programming language used in many applications and commonly used for web applications. It provides many of the same functions for formatted I/O as ...
perl, webmin, usermin -- perl format string integer wrap vulnerability
The Perl Development page reports: Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was...
[Full-disclosure] Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0
Luigi Auriemma Application: Chris Moneymaker's World Poker Championship http://moneymakergaming.com Versions: 1.0 Platforms: Windows Bug: buffer-overflow Exploitation: remote, versus server Date: 17 Aug 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...
Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/12977/info A buffer overflow is present in Jedi Academy that can be exploited remotely by client systems. The overflow is due to the use of the sprintf function in a text visualization procedure, GPrintf. The attacker can exploit this vulnerability to...
cscope -- buffer overflow vulnerabilities
Jason Duell reports: Cscope contains an alarming number of buffer overflow vulnerabilities. By a rough count, there are at least 48 places where we blindly sprintf a file name into a fixed-length buffer of size PATHLEN without checking to see if the file's name is = PATHLEN. We do similar things...
British National Corpus SARA - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/10984/info sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can trigger the overflow condition by supplying a large string value to the...
Buffer overflow in Python code
Hi, I've found buffer overflow in Python 2.1.1 source code. Maybe there're many others. The buffer overflow is in the file traceback.c in the directory Python of the Python source code. Simply there's a sprintf done in this way: sprintf(linebuf,FMT,filename,lineno,name) What cause the overflow is th...
Remote hole in innd
A classic buffer overflow in the sprintf function. Theoretically allows code execution as uid news...