Lucene search
K

227 matches found

Check Point Advisories
Check Point Advisories
added 2010/02/10 12:0 a.m.24 views

Apple QuickTime MOV File String Handling Integer Overflow (CVE-2005-2753)

Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous video formats. QuickTime is capable of processing the Apple QuickTime movie file format, which is a proprietary format created by Appl...

5.1CVSS7.2AI score0.02139EPSS
Exploits0
Fedora
Fedora
added 2009/11/14 3:33 a.m.39 views

[SECURITY] Fedora 11 Update: qt-4.5.3-9.fc11

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

9.3CVSS1.7AI score0.06192EPSS
Exploits3
Kaspersky
Kaspersky
added 2009/06/23 12:0 a.m.33 views

KLA10164 DoS vulnerability in Foxit Reader

Improper string handling was found in Foxit Reader. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PDF file. Original advisories - Related products Foxit-Reader...

9.3CVSS7.9AI score0.05633EPSS
Exploits0References2
NVD
NVD
added 2009/03/16 5:30 p.m.21 views

CVE-2009-0912

perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors...

7.2CVSS6.8AI score0.00375EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.26 views

RedHat Update for ruby RHSA-2008:0561-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0561-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

10CVSS0.1AI score0.04456EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.23 views

CentOS Update for ruby CESA-2008:0562-01 centos2 i386

Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2008:0562-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

10CVSS7.1AI score0.04456EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.22 views

Fedora Update for qt4 FEDORA-2008-3379

Check for the Version of qt4 OpenVAS Vulnerability Test Fedora Update for qt4 FEDORA-2008-3379 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

9.3CVSS0.2AI score0.04762EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/07/14 1:38 p.m.35 views

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

10CVSS7.5AI score0.04456EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2008/07/14 1:26 p.m.37 views

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

10CVSS7.4AI score0.04456EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.7 views

DeleGate Multiple Buffer Overflow Vulnerabilities

Overview DeleGate suffers buffer overflow when scanf, strncpy and other string handling process are set to fail with a long string sent by proxy. Impact An attacker could execute arbitrary code with the privileges of the user running DeleGate. Solution Please refer to the 'Vendor Information'...

7.5CVSS7.9AI score0.02387EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian Security Advisory DSA 324-1 (ethereal)

The remote host is missing an update to ethereal announced via advisory DSA 324-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.04754EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.21 views

Ubuntu 5.04 / 5.10 / 6.06 LTS / 6.10 : screen vulnerability (USN-370-1)

cstone and Rich Felker discovered a programming error in the UTF8 string handling code of 'screen' leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code. Note that Tenable Network Security has extracted the...

2.6CVSS6AI score0.02113EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/02/27 12:0 a.m.25 views

GLSA-200702-10 : UFO2000: Multiple vulnerabilities

"The remote host is affected by the vulnerability described in GLSA-200702-10 UFO2000: Multiple vulnerabilities Five vulnerabilities were found: a buffer overflow in recvaddunit %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.5CVSS5.9AI score0.04741EPSS
Exploits0References7
seebug.org
seebug.org
added 2007/01/04 12:0 a.m.46 views

VLC Media Player畸形“udp://”URI格式串处理漏洞

VLC Media Player是一款免费的媒体释放器。 VLC Media Player在处理畸形的URI串时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 VLC Media Player在处理“udp://”开头的URI串时存在格式串处理漏洞,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页或打开恶意M3U文件控制用户机器。 VideoLAN VLC Media Player 0.x 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 不要打开来源不可信任的M3U文件。 厂商补丁: VideoLAN --------...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.28 views

CVE-2005-0255

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...

5CVSS6.2AI score0.04291EPSS
Exploits0References2
NVD
NVD
added 2005/05/02 4:0 a.m.27 views

CVE-2005-0255

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...

5CVSS6.9AI score0.04291EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2005/03/23 7:26 p.m.37 views

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processe...

5.1CVSS6.3AI score0.15116EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2005/03/23 7:26 p.m.5 views

security flaw

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstringCharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execut...

5CVSS6.2AI score0.04291EPSS
Exploits0References4
CVE
CVE
added 2005/02/28 5:0 a.m.89 views

CVE-2005-0255

CVE-2005-0255 affects Mozilla Suite 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2. The flaw is in string handling (nsTSubstring_CharT::Replace) where return values of functions that resize strings are not properly checked, which can lead to a reallocation failure and a pointer to a fixed addre...

5CVSS6.9AI score0.04291EPSS
Exploits0References13Affected Software3
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-1527

Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers ...

5CVSS6.5AI score0.01351EPSS
Exploits0References5
Rows per page
Query Builder