5408 matches found
Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : - Apache - ATS - BIND - CFNetwork - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - iChat -...
Debian DSA-1797-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0652 Moxie Marlinspike discovered that Unicode box drawi...
Debian: Security Advisory (DSA-1797-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: utf8 selection memory corruption
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service memory corruption by selecting a small number of 3-byte UTF-8 characters, which...
Zoom Player Pro 3.30 Buffer Overflow
?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / / //original shellcode, 27 bytes + command //re-encode...
Zoom Player Pro 3.30 - .m3u Local Buffer Overflow (SEH)
Zoom Player Pro 3.30 - .m3u Local Buffer Overflow SEH ?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / ...
Zoom Player Pro v.3.30 .m3u File Buffer Overflow Exploit (seh)
Exploit for unknown platform in category local exploits ============================================================== Zoom Player Pro v.3.30 .m3u File Buffer Overflow Exploit seh ============================================================== ?php / Zoom Player Pro v.3.30 .m3u file buffer overflo...
Zoom Player Pro 3.30 - '.m3u' Local Buffer Overflow (SEH)
?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / / //original shellcode, 27 bytes + command //re-encode...
MDKA-2007:119 : kbd
On a Mandriva Linux 2008 text console, for some locales with unicode enabled, in some cases the typed characters were not displayed correctly. This update to kbd package fixes the problem. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : php5 vulnerabilities (USN-720-1)
It was discovered that PHP did not properly enforce phpadminvalue and phpadminflag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8....
Firefox < 3.0.9 Multiple Vulnerabilities
The installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues : - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application...
URL spoofing with box drawing character — Mozilla
Bjoern Hoehrmann and security researcher Moxie Marlinspike independently reported that Unicode box drawing characters were allowed in Internationalized Domain Names IDN where they could be visually confused with punctuation used in valid web addresses. This could be combined with a phishing-type...
Linux Kernel CIFSTCon()函数远程溢出漏洞
BUGTRAQ ID: 34453 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的fs/cifs/connect.c文件中的CIFSTCon函数存在缓冲区溢出漏洞。如果用户受骗连接到了恶意的服务器且服务器向客户端返回了特制的Tree Connect响应的话,就可以出发这个溢出,导致执行任意代码。以下是有漏洞的代码段: 3441 int 3442 CIFSTConunsigned int xid, struct cifsSesInfo ses, 3443 const char tree, struct cifsTconInfo tcon,...
Mandriva Update for glibc MDKA-2007:012 (glibc)
Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDKA-2007:012 glibc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for rpmdrake MDKA-2007:062 (rpmdrake)
Check for the Version of rpmdrake OpenVAS Vulnerability Test Mandriva Update for rpmdrake MDKA-2007:062 rpmdrake Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for kbd MDKA-2007:119 (kbd)
Check for the Version of kbd OpenVAS Vulnerability Test Mandriva Update for kbd MDKA-2007:119 kbd Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for glibc MDKA-2007:012 (glibc)
Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDKA-2007:012 glibc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for pcre MDVSA-2008:053 (pcre)
Check for the Version of pcre OpenVAS Vulnerability Test Mandriva Update for pcre MDVSA-2008:053 pcre Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for qt MDKSA-2007:183 (qt)
Check for the Version of qt OpenVAS Vulnerability Test Mandriva Update for qt MDKSA-2007:183 qt Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...