WordPress AffiliateWP 2.0.8 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory WordPress AffiliateWP Plugin Security Vulnerability Advisory ID: DC-2017-05-05 Advisory Title: WordPress AffiliateWP Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress AffiliateWP Plugin Language: PHP...

WordPress All In One Schema.org Rich Snippets 1.4.1 XSS

DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...

WordPress WebDorado Gallery 1.3.29 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Source: http://www.defensecode.com/advisories/DC-2017-02-011WordPressWebDoradoGalleryPluginAdvisory.pdf DefenseCode ThunderScan SAST Advisory WordPress WebDorado Gallery Plugin - SQL Injection Vulnerability Advisory ID: DC-2017-02-011 Software...

AccessPress Social Icons < 1.6.8 - Authenticated SQL Injections

During the security analysis, ThunderScan discovered SQL injection vulnerabilities in AccessPress Social Icons WordPress plugin. The easiest way to reproduce the vulnerability is to visit the provided URL while being logged in as administrator or another user that is authorized to access the plug...

[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities

DefenseCode ThunderScan ASP.Net C Advisory: BugTracker.Net Multiple Security Vulnerabilities Advisory ID: DC-2012-11-002 Advisory Title: BugTracker.Net Multiple Security Vulnerabilities Advisory URL: http://www.defensecode.com/article/bugtracker.netmultiplesecurityvulnerabilities-31 Software:...

[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities

DefenseCode ThunderScan PHP Advisory: Wordpress WP E-Commerce Plugin Multiple Security Vulnerabilities Advisory ID: DC-2012-11-001 Advisory Title: Wordpress WP E-Commerce Plugin Multiple Vulnerabilities Advisory URL:...

WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site Scripting

WordPress WP E-Commerce third party plugin version 3.8.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities. WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site Scripting Software: WP e-Commerce Software Language: PHP Version: 3.8.9 and below Vendor Status:...

WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site Scripting

DefenseCode ThunderScan PHP Advisory: Wordpress WP E-Commerce Plugin Multiple Security Vulnerabilities Advisory ID: DC-2012-11-001 Advisory Title: Wordpress WP E-Commerce Plugin Multiple Vulnerabilities Advisory URL:...

Apple TV < 5.1 Multiple Vulnerabilities

According to its banner, the remote Apple TV 2nd generation or later device has a version of iOS that is prior to 5.1. It is, therefore, reportedly affected by several vulnerabilities : - An uninitialized memory access issue in the handling of Sorenson encoded movie files could lead to arbitrary...

Scientific Linux Security Update : libtiff on SL4.x i386/x86_64

A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtif...

Scientific Linux Security Update : libtiff on SL5.x i386/x86_64

A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF files encoded with a 4-bit run-length encoding scheme from ThunderScan. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtif...

Ubuntu Update for tiff vulnerability USN-1102-1

Ubuntu Update for Linux kernel vulnerabilities USN-1102-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11021.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for tiff vulnerability USN-1102-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-1102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : tiff vulnerability (USN-1102-1)

Martin Barbella discovered that the thunder aka ThunderScan decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privilege...

USN-1102-1: tiff vulnerability

Martin Barbella discovered that the thunder aka ThunderScan decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privilege...

Debian DSA-2210-1 : tiff - several vulnerabilities

Several vulnerabilities were discovered in the TIFF manipulation and conversion library : - CVE-2011-0191 A buffer overflow allows to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. This issue affects the Debian 5.0 Lenny package only. -...

DSA-2210-1 tiff - several

Bulletin has no description...

CVE-2011-1167

Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...

CVE-2011-1167

Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...

CVE-2011-1167

Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...