BlazeVideo HDTV Player Pro 6.6 Filename Handling Vulnerability

This Metasploit module exploits a vulnerability found in BlazeVideo HDTV Player's filename handling routine. When supplying a string of input data embedded in a .plf file, the MediaPlayerCtrl.dll component will try to extract a filename by using PathFindFileNameA, and then copies whatever the...

Mandriva Update for libproxy MDVSA-2012:172 (libproxy)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-4409

Stack-based buffer overflow in the checkfilehead function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption...

CVE-2012-4527

Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability...

CVE-2012-4409

The CVE-2012-4409 issue affects MCrypt, specifically mcrypt versions up to and including 2.6.8, due to a flaw in the check_file_head() function (extra.c). A crafted header with long salt data during decryption can trigger a stack-based buffer overflow, enabling a user-assisted remote attacker to ...

update for plib (important)

This update of plib fixed two stack-based buffer overflows...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)

This host is missing an important security update according to Microsoft Bulletin MS12-076. OpenVAS Vulnerability Test $Id: secpodms12-076macosx.nasl 5958 2017-04-17 09:02:19Z teissa $ Microsoft Office Remote Code Execution Vulnerabilities - 2720184 Mac OS X Authors: Antu Sanadi Copyright:...

MS12-076: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2720184) (Mac OS X)

The remote Mac OS X host is running a version of Microsoft Excel that is affected by the following vulnerabilities : - A heap-based buffer overflow vulnerability exists due to the way the application handles memory when opening Excel files. CVE-2012-1885 - A memory corruption vulnerability exists...

Microsoft Office Remote Code Execution Vulnerabilities (2720184) - Mac OS X

This host is missing an important security update according to Microsoft Bulletin MS12-076. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-4504

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...

CVE-2012-4504

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...

Zoner Photo Studio 15 Buffer Overflow

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Zoner Photo Studio Vendor URL: www.zoner.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2012-10-17 Date published: 2012-11-09 CVSSv2 Score: 4,4 AV:L/AC:M/Au:N/C:P/I:P/A:P CVE: - 2...

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

Stack overflow

Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature...

Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20121010-asa)

The remote Cisco ASA is missing a security patch and, therefore, may be affected by the following issues : - A remote, unauthenticated attacker could cause a denial of service by sending specially crafted DHCP packets. CVE-2012-4643 - When configured for Clientless or AnyConnect SSL VPN, receivin...

Stack overflow

Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices, with software 8.3 before 8.32.34, 8.4 before 8.44.4, 8.5 before 8.51.13, and 8.6 before 8.61.3 and th...