134 matches found
Mandrake Linux Security Advisory : qt (MDKSA-2007:183)
A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code. Updated packages have been patched to prevent this issue...
Qt library buffer overflow
Buffer overflow on Unicode strings parsing...
[Full-disclosure] [ MDKSA-2007:183 ] - Updated qt3/qt4 packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:183 http://www.mandriva.com/security/ Package : qt Date : September 13, 2007 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0 Problem Description: A buffer overflow was found in how Qt expanded malform...
Important: Red Hat Security Advisory: qt security update
Updated qt packages that correct two security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Qt is a software toolkit that simplifies the task of writing and maintaining GUI Graphical User Interface applications for t...
python repr unicode buffer overflow
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts...
CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...
CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...
VulnCheck KEV: CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...
python -- buffer overrun in repr() for unicode strings
Benjamin C. Wiley Sittler reports: I discovered a buffer overrun in repr for unicode strings. This causes an unpatched non-debug wide UTF-32/UCS-4 build of python to abort. Ubuntu security team reports: If an application uses repr on arbitrary untrusted data, this bug could be exploited to execut...
CVE-2006-0014
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...
Buffer overflow
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...
ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability
ZDI-06-007: Microsoft Windows Address Book WAB File Format Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-007.html April 11, 2006 -- CVE ID: CVE-2006-0014 -- Affected Vendor: Microsoft -- Affected Products: Windows XP SP2 Windows 2000 SP4 -- TippingPointTM IPS Customer...
CVE-2006-0014
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book WAB file containing "certain Unicode strings" and modified length values...
Уязвимость в NTLMv1
Используется операция побитового илсключаещего или XOR с битовой последовательностью. Пароль передается как Unicode-строка, при этом используется большое количество нулевых байт в известных позициях, что позволяет обнаружить последовательность и извлечь пароль в случае перехвата пакета...