938 matches found
IrfanView < 4.37 Multiple Buffer Overflow Vulnerabilities
The remote Windows host contains a version of IrfanView prior to version 4.37. It is, therefore, reportedly affected by multiple buffer overflow vulnerabilities : - A boundary error exists when handling the LZW code stream within GIF files that could lead to arbitrary code execution. CVE-2013-535...
MediaWiki 1.22.1 PdfHandler - Remote Code Execution
MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...
MediaWiki < 1.19.11 / 1.21.5 / 1.22.2 Multiple Remote Code Execution Vulnerabilities
According to its version number, the instance of MediaWiki running on the remote host is affected by the following remote code execution vulnerabilities : - A user-input validation error exists during thumbnail generation in the 'thumb.php' script that allows the execution of arbitrary shell...
[Autopsy] Digital Investigation Analysis
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...
CVE-2013-6932
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window...
Buffer overflow
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window...
JVN#63194482: IrfanView vulnerable to buffer overflow
IrfanView is an application for viewing images of many different file formats. IrfanView contains a buffer overflow vulnerability, when using the Thumbnails window with Thumbnail tooltips enabled. Impact When processing a specially crafted file contained in a folder named using multi-byte...
KLA10229 ACE vulnerabilities in IrfanView
A buffer overflow was found in IrfanView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GIF file or a specially designed thumbnail in the file. Original advisories IrfanView changelog Related...
Vulnerabilities in multiple plugins for WordPress with VideoJS
Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites...
CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow
If you are still using a not so old version of SketchUp8M3 you should upgrade it... Title: SketchUp BMP RLE8 Heap Overflow Product: Google SketchUp Advisory ID: BINA-20120523 CVE ID: CVE-2013-3663 Class: Boundary Error Condition Buffer Overflow Vulnerability class: Client side/ file format...
WordPress Video Embed & Thumbnail Generator Plugin <= 4.0 - XSS
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...
WordPress Video JS Cross Site Scripting
Hello list! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites a...
Feindura CMS 2.0.4 Shell Upload
Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Title : Feindura CM...
Feindura CMS v2.0.4 <= (thumbnail) File Upload Vulnerability
The Bug is 0day on Feindura CMS v2.0.4 when use Thumbnail to upload images attacker can upload remote and big file/webShell 100mb .gif to the target . Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com...
opera to 12.01 (important)
Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements...
WordPress Tinymce Thumbnail Gallery 1.0.7 File Disclosure
Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins : http://downloads.wordpress.org/plugin/tinymce-thumbnail-gallery.zip Date : 25-05-2012 Google Dork :...
WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure
WordPress Tinymce Thumbnail plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel. Solution Update the...
WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure
WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins :...
WordPress Hungred Post Thumbnail 2.1.9 Shell Upload
Description : Wordpress Plugins - Hungred Post Thumbnail Arbitrary File Upload Vulnerability Version : 2.1.9 Link : http://wordpress.org/extend/plugins/hungred-post-thumbnail/ Plugins : http://downloads.wordpress.org/plugin/hungred-post-thumbnail.zip Date : 31-05-2012 Google Dork :...
WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure
Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins : http://downloads.wordpress.org/plugin/tinymce-thumbnail-gallery.zip Date : 25-05-2012 Google Dork :...