IBM DB2 9.1 < Fix Pack 12 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.1 running on the remote host is affected by one or more of the following issues : - An integer signedness error exists in the 'db2asrrm' process that can lead to a heap-based buffer overflow. Note that this issue does not affect Windows host...

CVE-2011-3148

Stack-based buffer overflow in the assembleline function in modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 allows local users to cause a denial of service crash and possibly execute arbitrary code via a long string of white spaces at the beginning of the /.pamenvironment file...

CVE-2011-3464

Off-by-one error in the pngformattedwarning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow...

CVE-2011-3464

Off-by-one error in the pngformattedwarning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow...

CVE-2011-3464

Off-by-one error in the pngformattedwarning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow...

CVE-2012-3008

Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items...

CVE-2012-4024

CVE-2012-4024 concerns a stack-based buffer overflow in the get_component function of unsquashfs.c in Squashfs tooling (unsquashfs) up to version 4.2. Exploitation via a crafted list file for the -ef option could allow remote arbitrary code execution. Connected advisories confirm the flaw affects...

CVE-2012-4024

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

SuSE 10 Security Update : pidgin, finch and libpurple (ZYPP Patch Number 8220)

This update of pidgin fixes a stack-based buffer overflow in the MXit protocol which could have potentially been exploited by remote attackers to execute arbitrary code in the context of the user running pidgin. CVE-2012-3374 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text descripti...

Pidgin 'mxit_show_message()'基于栈的缓冲区溢出漏洞

Bugtraq ID:54322 CVE ID:CVE-2012-3374 Pidgin是一款多协议即时通信软件 如果进入的消息包含内联图像，"mxitshowmessage"函数libpurple/protocols/mxit/markup.c解析时存在一个边界错误，允许攻击者构建特制的RX消息触发基于栈的缓冲区溢出，成功利用漏洞可以以应用程序上下文执行任意代码 0 Pidgin 2.x 厂商解决方案 Pidgin 2.10.5已经修复此漏洞，建议用户下载使用： http://www.pidgin.im/news/security/index.php?id=64...

CVE-2012-1830

WellinTech KingView 6.53 is affected by CVE-2012-1830 due to a stack-based buffer overflow in KingView that can be triggered by a crafted packet sent to TCP port 555, potentially enabling remote code execution. Related advisories (RH-CVE, PRION, CPS/ICS) corroborate a remote-exploitation vector a...

Photodex ProShow Producer 5.0.3256 Buffer Overflow

Exploit for windows platform in category local exploits 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2012-06-06 Date published: 2012-07-02 CVSSv2 Score: 6,9...

CVE-2012-3055

Stack-based buffer overflow in the Cisco WebEx Recording Format WRF player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a...

Quagga < 0.99.17 BGPD Multiple Vulnerabilities

According to its self-reported version number, the installation of Quagga's BGPD listening on the remote host is affected by multiple vulnerabilities : - A stack-based buffer overflow vulnerability can be triggered by a specially crafted BGP ROUTE-REFRESH message with a malformed Outbound Route...

CVE-2011-4599

Stack-based buffer overflow in the canonicalize function in common/uloc.c in International Components for Unicode ICU before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization...

CVE-2011-4599

ICU vulnerability CVE-2011-4599 is described in IBM/Intel ICU-related advisories as a stack-based buffer overflow in the _canonicalize function (common/uloc.c) of ICU prior to 49.1, allowing remote code execution via crafted locale IDs during variant canonicalization. Connected sources also refer...

Secunia Research: Network Instruments Observer SNMP OID Processing Denial of Service

====================================================================== Secunia Research 07/06/2012 - Network Instruments Observer - - SNMP OID Processing Denial of Service Vulnerability - ====================================================================== Table of Contents Affected...

ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-077 June 6, 2012 - -- CVE ID: CVE-2012-0667 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendor...

CVE-2012-2035

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610,...

Snort 2 DCE/RPC preprocessor Buffer Overflow

Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core...