Lucene search
+L

938 matches found

Tenable Nessus
Tenable Nessus
added 2014/02/07 12:0 a.m.44 views

IrfanView < 4.37 Multiple Buffer Overflow Vulnerabilities

The remote Windows host contains a version of IrfanView prior to version 4.37. It is, therefore, reportedly affected by multiple buffer overflow vulnerabilities : - A boundary error exists when handling the LZW code stream within GIF files that could lead to arbitrary code execution. CVE-2013-535...

7.6CVSS6AI score0.05749EPSS
Exploits1References5
exploitpack
exploitpack
added 2014/02/01 12:0 a.m.49 views

MediaWiki 1.22.1 PdfHandler - Remote Code Execution

MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...

6CVSS0.8AI score0.42777EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2014/01/30 12:0 a.m.262 views

MediaWiki < 1.19.11 / 1.21.5 / 1.22.2 Multiple Remote Code Execution Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following remote code execution vulnerabilities : - A user-input validation error exists during thumbnail generation in the 'thumb.php' script that allows the execution of arbitrary shell...

6CVSS9.3AI score0.42777EPSS
Exploits12References7
Kitploit
Kitploit
added 2014/01/23 8:30 p.m.23 views

[Autopsy] Digital Investigation Analysis

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...

6.8AI score
Exploits0
NVD
NVD
added 2013/12/28 4:53 a.m.17 views

CVE-2013-6932

Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window...

7.6CVSS7.7AI score0.05749EPSS
Exploits1References3
Prion
Prion
added 2013/12/28 4:53 a.m.20 views

Buffer overflow

Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window...

7.6CVSS8.4AI score0.05749EPSS
Exploits1References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/24 12:0 a.m.41 views

JVN#63194482: IrfanView vulnerable to buffer overflow

IrfanView is an application for viewing images of many different file formats. IrfanView contains a buffer overflow vulnerability, when using the Thumbnails window with Thumbnail tooltips enabled. Impact When processing a specially crafted file contained in a folder named using multi-byte...

7.6CVSS7.2AI score0.05749EPSS
Exploits1
Kaspersky
Kaspersky
added 2013/12/16 12:0 a.m.46 views

KLA10229 ACE vulnerabilities in IrfanView

A buffer overflow was found in IrfanView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GIF file or a specially designed thumbnail in the file. Original advisories IrfanView changelog Related...

7.6CVSS7.7AI score0.05749EPSS
Exploits1References3
securityvulns
securityvulns
added 2013/07/08 12:0 a.m.145 views

Vulnerabilities in multiple plugins for WordPress with VideoJS

Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2013/06/03 12:0 a.m.66 views

CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow

If you are still using a not so old version of SketchUp8M3 you should upgrade it... Title: SketchUp BMP RLE8 Heap Overflow Product: Google SketchUp Advisory ID: BINA-20120523 CVE ID: CVE-2013-3663 Class: Boundary Error Condition Buffer Overflow Vulnerability class: Client side/ file format...

9.3CVSS7.1AI score0.31864EPSS
Exploits1
Patchstack
Patchstack
added 2013/05/15 12:0 a.m.3 views

WordPress Video Embed & Thumbnail Generator Plugin <= 4.0 - XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...

2.2AI score
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2013/05/14 12:0 a.m.21 views

WordPress Video JS Cross Site Scripting

Hello list! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites a...

Exploits0
Packet Storm
Packet Storm
added 2012/12/24 12:0 a.m.38 views

Feindura CMS 2.0.4 Shell Upload

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Title : Feindura CM...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/22 12:0 a.m.39 views

Feindura CMS v2.0.4 <= (thumbnail) File Upload Vulnerability

The Bug is 0day on Feindura CMS v2.0.4 when use Thumbnail to upload images attacker can upload remote and big file/webShell 100mb .gif to the target . Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com...

7.2AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2012/08/15 4:8 p.m.82 views

opera to 12.01 (important)

Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements...

0.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2012/06/08 12:0 a.m.21 views

WordPress Tinymce Thumbnail Gallery 1.0.7 File Disclosure

Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins : http://downloads.wordpress.org/plugin/tinymce-thumbnail-gallery.zip Date : 25-05-2012 Google Dork :...

Exploits0
Patchstack
Patchstack
added 2012/06/08 12:0 a.m.11 views

WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure

WordPress Tinymce Thumbnail plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device's administrator password allowing them to directly access the device's configuration control panel. Solution Update the...

3.7AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2012/06/08 12:0 a.m.17 views

WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure

WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins :...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/08 12:0 a.m.61 views

WordPress Hungred Post Thumbnail 2.1.9 Shell Upload

Description : Wordpress Plugins - Hungred Post Thumbnail Arbitrary File Upload Vulnerability Version : 2.1.9 Link : http://wordpress.org/extend/plugins/hungred-post-thumbnail/ Plugins : http://downloads.wordpress.org/plugin/hungred-post-thumbnail.zip Date : 31-05-2012 Google Dork :...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/06/08 12:0 a.m.27 views

WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure

Description : Wordpress Plugins - Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability Version : 1.0.7 Link : http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/ Plugins : http://downloads.wordpress.org/plugin/tinymce-thumbnail-gallery.zip Date : 25-05-2012 Google Dork :...

7AI score
Exploits0
Rows per page
Query Builder