Lucene search
K

321 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow

No description provided by source. $Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/24 6:2 a.m.3 views

IrfanView vulnerable to buffer overflow

Overview IrfanView is an application for viewing images of many different file formats. IrfanView contains a buffer overflow vulnerability, when using the Thumbnails window with Thumbnail tooltips enabled. Asuka Nakajima of NTT Secure Platform Laboratories reported this vulnerability to IPA...

7.6CVSS7.5AI score0.05749EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2012/03/30 12:0 a.m.23 views

Coppermine 1.5.18 Cross Site Scripting / Path Disclosure

waraxe-2012-SA081 - Multiple Vulnerabilities in Coppermine 1.5.18 ============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-81.html Affected Software: Coppermine is a...

Exploits0
OpenVAS
OpenVAS
added 2011/04/22 12:0 a.m.26 views

Fedora Update for geeqie FEDORA-2011-5200

Check for the Version of geeqie OpenVAS Vulnerability Test Fedora Update for geeqie FEDORA-2011-5200 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

4.3CVSS0.1AI score0.02673EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2011/02/10 12:0 a.m.45 views

Microsoft Windows CreateSizeDIBSECTION Stack Buffer Overflow

$Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS0.2AI score0.67687EPSS
Exploits10
Metasploit
Metasploit
added 2011/02/08 11:31 p.m.40 views

MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow

This module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to...

9.3CVSS8AI score0.67687EPSS
Exploits10
Exploit DB
Exploit DB
added 2011/02/08 12:0 a.m.47 views

Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit)

$Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS7AI score0.67687EPSS
Exploits10
Packet Storm
Packet Storm
added 2011/01/05 12:0 a.m.46 views

Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow

$Id: ms11xxxcreatesizeddibsection.rb 11473 2011-01-04 23:00:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS0.1AI score0.67687EPSS
Exploits10
Symantec
Symantec
added 2011/01/04 12:0 a.m.17 views

Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to open a...

7.9AI score
Exploits0References2Affected Software8
Positive Technologies
Positive Technologies
added 2010/12/22 12:0 a.m.2 views

PT-2010-5203 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists in the way the Windows Shell graphics processor handles specially crafted thumbnail images. This allows attackers to execute arbitrary cod...

9.3CVSS7.6AI score0.67687EPSS
Exploits10References16
0day.today
0day.today
added 2010/07/07 12:0 a.m.23 views

Uphotogallery Server SQL Injection Vulnerabilty

Exploit for asp platform in category web applications =============================================== Uphotogallery Server SQL Injection Vulnerabilty =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 ...

7.1AI score
Exploits0
Drupal
Drupal
added 2010/05/05 12:0 a.m.13 views

SA-CONTRIB-2010-041: ImageField - Access Bypass

ImageField provides a file upload field for CCK, allowing files to be attached to a node. ImageField intends to set a default extension of "png jpg gif" for all new fields, but may actually save an empty string allowing all of the "png jpg gif" extensions if an administrator does not save the fie...

7AI score
Exploits0References5
Exploit DB
Exploit DB
added 2009/12/21 12:0 a.m.45 views

PHPhotoalbum 0.5 - SQL Injection

Title: PHPhotoalbum Remote sql injection Vulnerability Tested on: windows http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+user+from+mysql.user-- http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+loadfile/directory hex/config.inc.php+from+mysql.user--...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2008/11/07 12:35 a.m.20 views

Inserted image filenames are not escaped properly as thumbnails

When you insert an image as a thumbnail into a wiki page, the generated HTML does not properly escape the filename...

0.5AI score
Exploits0Affected Software1
NVD
NVD
added 2008/04/15 5:5 p.m.14 views

CVE-2008-1799

Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. dot dot in the img parameter...

5CVSS6.6AI score0.02672EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian Security Advisory DSA 284-1 (kdegraphics)

The remote host is missing an update to kdegraphics announced via advisory DSA 284-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.4AI score0.04033EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.27 views

Debian Security Advisory DSA 296-1 (kdebase)

The remote host is missing an update to kdebase announced via advisory DSA 296-1. OpenVAS Vulnerability Test $Id: deb2961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 296-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5CVSS0.4AI score0.04033EPSS
Exploits0
seebug.org
seebug.org
added 2007/12/21 12:0 a.m.19 views

Automatic Image Upload with Thumbnails for PunBB 'uploadimg.php'任意文件上传漏洞

Automatic Image Upload with Thumbnails是一款用于PunBB的图象上传扩展。 Automatic Image Upload不正确处理用户提交的数据,远程攻击者可以利用漏洞上传任意文件,并以WEB权限执行。 问题存在于'uploadimg.php'脚本处理中,合法用户帐户可通过构建恶意数据来上传任意文件,并可以以WEB权限执行任意代码。 Automatic Image Upload with Thumbnails Automatic Image Upload with Thumbnails 1.3.3 Automatic Image Upload wit...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.3 views

CVE-2006-6247

Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to 1 slideshow.asp or 2 thumbnails.asp...

7.5CVSS6.3AI score0.01224EPSS
Exploits1References7
exploitpack
exploitpack
added 2005/02/08 12:0 a.m.15 views

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow // source: https://www.securityfocus.com/bid/12506/info A remotely exploitable buffer overflow exists in MSN Messenger and Windows Messenger. This vulnerability is related to parsing of Portable Network Graphics PNG image header data...

0.4AI score
Exploits0
Rows per page
Query Builder