crystal-dos.txt

Application: Crystal Reports XI Release 2 Enterprise Tree Control Remote BoF/Dos www.businessobjects.com Versions: 11 Platforms: Windows XP Professional Bug: buffer-overflow Exploitation: remote Date: 2007-01-16 Author: shinnai e-mail: shinnaiatautisticidotorg web: http://shinnai.altervista.org 1...

CVE-2008-0299

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...

[SECURITY] Fedora 8 Update: glib2-2.14.3-1.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection

Simple Machines Forum SMF 1.1.3 - Blind SQL Injection !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total...

Moderate: gcc security and bug fix update

3.4.6-8.0.1 - add gcc34-pr23591-tls-model-fix.patch - this patch fixes a bug with exception handlers and threads 3.4.6-8 - add gnu.java.util.ZoneInfo class, use tzdata files for libgcj timezone stuff instead of builtin simple and outdated rules 227884 - add missing @GCC4.0.0 and @GCC4.2.0 libgcc...

CVE-2005-3889

Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code of 6 or 7, which triggers a large number of popup windows to the user and creates a large number of threads...

CVE-2005-3106

CVE-2005-3106 is a Linux kernel race condition affecting thread management when memory mappings are shared (CLONE_VM). The issue can lead to a local denial of service via deadlock, e.g., by triggering a core dump or waiting-for-exec scenarios. Connected advisories confirm this CVE across multiple...

CVE-2005-0937

Some futex functions in futex.c for Linux kernel 2.6.x perform getuser calls while holding the mmapsem semaphore, which could allow local users to cause a deadlock condition in dopagefault by triggering getuser faults while another thread is executing mmap or other functions...

CVE-1999-0723

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial-of-service when all worker threads are waiting for user input. Connected records confirm CSRSS as the vulnerable component and describe the impact as availability-related DoS, CVSS v2 base score 7.1. No concrete d...