mysql/mariadb/percona server -- multiple vulnerabilities

ORACLE reports: Multiple SQL injection vulnerabilities in the replication code Stack-based buffer overflow Heap-based buffer overflow...

BlazeVideo HDTV Player Pro 6.6 Filename Handling Vulnerability

This Metasploit module exploits a vulnerability found in BlazeVideo HDTV Player's filename handling routine. When supplying a string of input data embedded in a .plf file, the MediaPlayerCtrl.dll component will try to extract a filename by using PathFindFileNameA, and then copies whatever the...

Mandriva Update for libproxy MDVSA-2012:172 (libproxy)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-4409

Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...

CVE-2012-4527

Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability...

CVE-2012-4409

The CVE-2012-4409 issue affects MCrypt, specifically mcrypt versions up to and including 2.6.8, due to a flaw in the check_file_head() function (extra.c). A crafted header with long salt data during decryption can trigger a stack-based buffer overflow, enabling a user-assisted remote attacker to ...

update for plib (important)

This update of plib fixed two stack-based buffer overflows...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

MS12-076: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2720184) (Mac OS X)

The remote Mac OS X host is running a version of Microsoft Excel that is affected by the following vulnerabilities : - A heap-based buffer overflow vulnerability exists due to the way the application handles memory when opening Excel files. CVE-2012-1885 - A memory corruption vulnerability exists...

Microsoft Office Remote Code Execution Vulnerabilities (2720184) - Mac OS X

This host is missing an important security update according to Microsoft Bulletin MS12-076. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)

This host is missing an important security update according to Microsoft Bulletin MS12-076. OpenVAS Vulnerability Test $Id: secpodms12-076macosx.nasl 5958 2017-04-17 09:02:19Z teissa $ Microsoft Office Remote Code Execution Vulnerabilities - 2720184 Mac OS X Authors: Antu Sanadi Copyright:...

CVE-2012-4504

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...

CVE-2012-4504

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...

Zoner Photo Studio 15 Buffer Overflow

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Zoner Photo Studio Vendor URL: www.zoner.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2012-10-17 Date published: 2012-11-09 CVSSv2 Score: 4,4 AV:L/AC:M/Au:N/C:P/I:P/A:P CVE: - 2...

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

Stack overflow

Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature...

Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20121010-asa)

The remote Cisco ASA is missing a security patch and, therefore, may be affected by the following issues : - A remote, unauthenticated attacker could cause a denial of service by sending specially crafted DHCP packets. CVE-2012-4643 - When configured for Clientless or AnyConnect SSL VPN, receivin...