70 matches found
CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056
CVE-2023-24056 affects pkgconf up to 1.9.3. The issue is a root cause in libpkgconf/tuple.c:pkgconf_tuple_parse where variable duplication can cause unbounded string expansion (e.g., a small .pc expanded to billions of bytes), leading to memory/resource exhaustion. IBM bulletins for Cloud Pak pro...
CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
pkgconf 安全漏洞
pkgconf is a program from pkgconf open source that helps configure compiler and linker flags for development libraries. A security vulnerability exists in pkgconf version 1.9.3 and earlier versions, which stems from variable duplication leading to unbounded string expansion...
D-Links Wi-Fi Camera in the presence of a vulnerability will affect more than 1 2 0 different products-vulnerability warning-the black bar safety net
! According to foreign media reports, security experts discovered a software plug-in, this component will be D-Links Wi-Fi camera is exposed to a remote attack risk. In addition, making the current situation worse, in the company's products, there are about 1 2 0 more products are using this...
Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts. T...
CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
[Full-Disclosure] iDEFENSE Security Advisory 02.10.05: IBM AIX netpmon Local Buffer Overflow Vulnerability
IBM AIX netpmon Local Buffer Overflow Vulnerability iDEFENSE Security Advisory 02.10.05 www.idefense.com/application/poi/display?id=197&type=vulnerabilities February 10, 2005 I. BACKGROUND The netpmon program is a setuid root application, installed by default under multiple versions of IBM AIX,...
ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow (1)
ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a...