5410 matches found
MySQL Connector/J Unicode字符串SQL注入漏洞
Bugraq ID: 35858 MySQL Connector/J是一款面向java的简单易用的API调用接口。 MySQL Connector/J处理包含部分unicode字符的查询字符串时存在错误,远程攻击者可以利用漏洞通过SQL注入攻击修改应用程序,访问或修改数据。 在设置类似SJIS/Windows-31J字符集而不是UTF-8的情况下,提交包含U+00A5字符的字符串,MySQL Connector/J在处理时可导致SQL注入攻击,攻击者可以获得敏感数据或操作数据库。 MySQL AB MySQL Connector/J 5.1.7 厂商解决方案 MYSQL...
python: Multiple buffer overflows in unicode processing
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
python: stringobject, unicodeobject integer overflows
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the...
python: Multiple buffer overflows in unicode processing
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
python: stringobject, unicodeobject integer overflows
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the...
Moderate: Red Hat Security Advisory: python security update
Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the...
python: stringobject, unicodeobject integer overflows
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by 1 the stringexpandtabs function in Objects/stringobject.c and 2 the...
python: Multiple buffer overflows in unicode processing
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
python: Multiple integer overflows in python core
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the 1 stringobject, 2 unicodeobject, 3 bufferobject, 4 longobject, 5 tupleobject, 6 stropmodule, 7 gcmodule, and 8 mmapmodule modules. NOTE: The expandtabs...
python security update
2.3.4-14.7.el48.2 - Fix all of the low priority security bugs: - Resolves: rhbz486329 - Multiple integer overflows in python core CVE-2008-2315 - Resolves: 455008 - PyStringFromStringAndSize does not check for negative size values CVE-2008-1887 - Resolves: 443810 - Multiple integer overflows...
Microsoft Internet Explorer 'findText()' Unicode解析拒绝服务漏洞
Bugraq ID: 35799 CNCAN ID:CNCAN-2009072503 Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer存在'findText' Unicode解析错误,远程攻击者可以利用漏洞使应用程序崩溃。 'findText'方法在处理特殊构建的包含unicode字符的参数时存在问题,构建恶意WEB页,诱使用户解析,可导致浏览器崩溃。 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7.0 厂商解决方案...
MS Internet Explorer 7/8 findText Unicode Parsing Crash Exploit
No description provided by source. meta http-equiv="Context-Type" content="text/html; charset=US-ASCII" !-- Contact:[email protected],[email protected] Title: MS Internet Explorer findText Unicode Parsing error Vulnerability mshtml.dll Bug discovered: Hong10 PoC code: AmesianX & Hong10 Critical:...
MS IE 7/8 findText Unicode Parsing Crash Exploit-a vulnerability warning-the black bar safety net
Mshtml.dll Impact: MS Internet Explorer 7/8 Crash Solution: unknown Danger level: low Description: The following error is test the latest version of Internet Explorer7/8 Copy the contents to the clipboard! Program code program code ! DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" ""...
Microsoft Internet Explorer Unicode Crash
IE findText crash Hit the button after ie7/8 crash.. function docrash var o1=document.createElement"input"; o1.type="text"; //or password o1.id="powerhacker"; o1.value="AAAA"; document.body.appendChildo1; var r= o1.createTextRange;...
Microsoft Internet Explorer 78 - findText Unicode Parsing Crash
Microsoft Internet Explorer 78 - findText Unicode Parsing Crash IE findText crash Hit the button after ie7/8 crash.. function docrash var o1=document.createElement"input"; o1.type="text"; //or password o1.id="powerhacker"; o1.value="AAAA"; document.body.appendChildo1; var r= o1.createTextRange;...
MS Internet Explorer 7/8 findText Unicode Parsing Crash Exploit
Exploit for unknown platform in category dos / poc =============================================================== MS Internet Explorer 7/8 findText Unicode Parsing Crash Exploit =============================================================== IE findText crash Hit the button after ie7/8 crash...
Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash
IE findText crash Hit the button after ie7/8 crash.. function docrash var o1=document.createElement"input"; o1.type="text"; //or password o1.id="powerhacker"; o1.value="AAAA"; document.body.appendChildo1; var r= o1.createTextRange;...
Microsoft Internet Explorer Unicode String DoS Vulnerability
This host is installed with Internet Explorer and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmsieunicodestrdosvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Unicode String DoS Vulnerability Authors: Sharath S Copyright: Copyright...
Opera Unicode String Denial Of Service Vulnerability (Linux)
This host is installed with Opera and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodoperaunicodestrdosvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Unicode String Denial Of Service Vulnerability Linux Authors: Sharath S Updated for New CVE's - By Shara...
Google Chrome Unicode String Denial Of Service Vulnerability
This host is installed with Google Chrome and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromeunicodestrdosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome Unicode String Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyrig...