64 matches found
CVE-2017-5524
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method...
shopify-scripts: segfault in mruby's sprintf - mrb_str_format
The mruby sprintf gem out of scope of mruby-engine can be crashed when using a hostile "width" value in the format string. Exploit Script =========== ruby s = "hello" sprintf"abcdefghijklmnopqrstuvwxyz % 2147483640s", s Here is the core dump: Core was generated by...
Sandbox Escape
Plone is vulnerable to sandbox escape. It is possible to access private content via str.format in through-the-web templates and scripts. str.format, Python's new-style string format introduced in 2.6, causes the security issue on untrusted user input. If an attacker can control the string format...
Analysis of the vulnerability in Python's new string format
This article gives an in-depth analysis of the security vulnerabilities in the new string formatting syntax introduced in Python, and provides appropriate security solutions. Using str.format on untrusted user input brings security risks. For this problem, in fact I have...
PHP 7.0.0 Format String Vulnerability
No description provided by source...
ISC BIND apl_42.c INSIST Assertion Failure Denial of Service (CVE-2015-8704)
A denial-of-service vulnerability has been reported in BIND DNS package bind9. The vulnerability is due to an error in string format operations that causes the BIND daemon to exit with an INSIST assertion failure when processing certain records. A remote attacker could exploit this vulnerability...
PHP openssl_x509_parse() Memory Corruption Vulnerability
Exploit for php platform in category dos / poc Overview: Quote from http://www.php.net "PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML." The PHP function openssl_x509_parse() uses a helper function called...
PHP openssl_x509_parse() Memory Corruption Vulnerability
The PHP function openssl_x509_parse() uses a helper function called asn1_time_to_time_t() to convert timestamps from ASN1 string format into integer timestamp values. The parser within this helper function is not binary safe and can therefore be tricked to write up to five NUL bytes outside of an allocated...
PHP < 5.3.3 / 5.2.14 Multiple Vulnerabilities
Binary data 801070.prm...
PHP < 5.2.14 / 5.3.x < 5.3.3 Multiple Vulnerabilities
Binary data 5616.prm...
PHP 5.2.1 Format String Vulnerability
No description provided by source...
Fedora Core 11 FEDORA-2009-9342 (libsilc)
The remote host is missing an update to libsilc announced via advisory FEDORA-2009-9342. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by th...
Fedora Core 10 FEDORA-2009-9356 (libsilc)
The remote host is missing an update to libsilc announced via advisory FEDORA-2009-9356. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by th...
Fedora 11 : libsilc-1.1.8-7.fc11 (2009-9342)
Fri Sep 4 2009 Stu Tomlinson 1.1.8-7 - Backport patch to fix stack corruption CVE-2008-7160 521256 - Fri Sep 4 2009 Stu Tomlinson 1.1.8-6 - Backport patch to fix additional string format vulnerabilities 515648 - Wed Aug 5 2009 Stu Tomlinson 1.1.8-5 - Backport patch to fix string format...
Fedora 10 : libsilc-1.1.8-7.fc10 (2009-9356)
Fri Sep 4 2009 Stu Tomlinson 1.1.8-7 - Backport patch to fix stack corruption CVE-2008-7160 521256 - Fri Sep 4 2009 Stu Tomlinson 1.1.8-6 - Backport patch to fix additional string format vulnerabilities 515648 - Wed Aug 5 2009 Stu Tomlinson 1.1.8-5 - Backport patch to fix string format...
Gentoo Security Advisory GLSA 200409-17 (SUS)
The remote host is missing updates announced in advisory GLSA 200409-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200409-17 (SUS)
The remote host is missing updates announced in advisory GLSA 200409-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200405-21 (MC)
The remote host is missing updates announced in advisory GLSA 200405-21. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200405-21 (MC)
The remote host is missing updates announced in advisory GLSA 200405-21. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...