Lucene search
K

108 matches found

CVE
CVE
added 2015/06/16 4:0 p.m.56 views

CVE-2015-3205

Libmimedir’s VCF parser is vulnerable to memory corruption when parsing a VCF file with two trailing NULL bytes, triggering risky free() calls during lexer memory cleanup. A PoC/exploit code demonstrates potential arbitrary code execution via crafted VCF inputs; exploitation status in the wild is...

7.5CVSS7.7AI score0.10669EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2015/06/16 4:0 p.m.30 views

CVE-2015-3205

libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."...

7.5AI score0.10669EPSS
Exploits5References3
Packet Storm
Packet Storm
added 2015/06/11 12:0 a.m.45 views

Libmimedir VCF Memory Corruption Proof Of Concept

!/usr/bin/python libmimedir-free.py Libmimedir VCF Memory Corruption PoC CVE-2015-3205 Jeremy Brown jbrown3264/gmail June 2015 -Synopsis- Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's memory clean-up procedure. This could lea...

7.5CVSS0.8AI score0.10669EPSS
Exploits5
exploitpack
exploitpack
added 2015/06/10 12:0 a.m.70 views

Libmimedir - .VCF Memory Corruption (PoC)

Libmimedir - .VCF Memory Corruption PoC !/usr/bin/python libmimedir-free.py Libmimedir VCF Memory Corruption PoC CVE-2015-3205 Jeremy Brown jbrown3264/gmail June 2015 -Synopsis- Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's...

7.5CVSS0.9AI score0.10669EPSS
Exploits5
0day.today
0day.today
added 2015/06/10 12:0 a.m.45 views

Libmimedir VCF Memory Corruption PoC

Libmimedir suffers from a memory corruption vulnerability. Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's memory clean-up procedure. This could lead to exploitable conditions such as crafting a specific memory chunk to allow f...

7.5CVSS1AI score0.10669EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/06/10 12:0 a.m.36 views

Libmimedir - '.VCF' Memory Corruption (PoC)

!/usr/bin/python libmimedir-free.py Libmimedir VCF Memory Corruption PoC CVE-2015-3205 Jeremy Brown jbrown3264/gmail June 2015 -Synopsis- Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's memory clean-up procedure. This could lea...

7.5CVSS6.6AI score0.10669EPSS
Exploits5
securityvulns
securityvulns
added 2015/06/08 12:0 a.m.107 views

Freebox OS Web interface 3.0.2 XSS, CSRF

Hello list, Here are two CVEs I reported to Freebox, a french ISP: - CVE-2014-9382 - CSRF in VPN user account creation - CVE-2014-9405 - XSS Vulnerable product: Freebox OS Web interface 3.0.2. CVE-2014-9382 - CSRF in Freebox OS Web interface 3.0.2 allowing VPN user account creation...

5.6AI score0.01505EPSS
Exploits3
Vulnerability Lab
Vulnerability Lab
added 2015/05/30 12:0 a.m.72 views

Apple iOS 8.0.3 - Silent VCF & iMessage DoS Vulnerability

Document Title: =============== Apple iOS 8.0.3 - Silent VCF & iMessage DoS Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1324 Video: http://www.vulnerability-lab.com/getcontent.php?id=1333 Article:...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/09/11 12:0 a.m.20 views

Slackware Advisory SSA:2004-014-01 kdepim security update

The remote host is missing an update as announced via advisory SSA:2004-014-01. OpenVAS Vulnerability Test $Id: esoftslkssa200401401.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

7.5CVSS0.6AI score0.06151EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/09/10 12:0 a.m.24 views

Slackware: Security Advisory (SSA:2004-014-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.06151EPSS
Exploits0References2
NVD
NVD
added 2012/09/07 10:32 a.m.19 views

CVE-2010-5251

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse 1 nnoteswc.dll or 2 nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this...

6.9CVSS6.3AI score0.0042EPSS
Exploits0References1
securityvulns
securityvulns
added 2010/10/24 12:0 a.m.41 views

Microsoft Windows Mobile double free vulnerability

Double free on receiving VCF via MMS/bluetooth...

3.3AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2010/08/25 12:0 a.m.27 views

Microsoft Address Book 6.00.2900.5512(.vcf) DLL Hijacking Exploit

Exploit for windows platform in category local exploits ================================================================= Microsoft Address Book 6.00.2900.5512.vcf DLL Hijacking Exploit =================================================================...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.42 views

FreeBSD : kdepim exploitable buffer overflow in VCF reader (da6f265b-8f3d-11d8-8b29-0020ed76ef5a)

A buffer overflow is present in some versions of the KDE personal information manager kdepim which may be triggered when processing a specially crafted VCF file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

7.5CVSS5.6AI score0.06151EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/03/27 12:0 a.m.42 views

libVC library buffer overflow

Buffer overflow in countvcards on VCF files parsing...

5.5AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2003-0988

Buffer overflow in the VCF file information reader for KDE Personal Information Management kdepim suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file...

7.1AI score0.06151EPSS
Exploits0References12
CVE
CVE
added 2004/09/01 4:0 a.m.77 views

CVE-2003-0988

CVE-2003-0988 affects KDE kdepim up to KDE 3.1.4; the buffer overflow is in the VCF file information reader, allowing arbitrary code execution via a crafted VCF file. Affected versions: KDE 3.1.0–3.1.4. The provided documents do not specify a fixed version or remediation details.

7.5CVSS7.1AI score0.06151EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.52 views

CVE-2003-0988

Removed by vendor...

7.5CVSS6.7AI score0.06151EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.25 views

Fedora Core 1 : kdepim-3.1.4-2 (2004-133)

The KDE team found a buffer overflow in the file information reader of VCF files. An attacker could construct a VCF file so that when it was opened by a victim it would execute arbitrary commands. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2003-0988 t...

7.5CVSS6.1AI score0.06151EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.37 views

FreeBSD : kdepim exploitable buffer overflow in VCF reader (84)

The following package needs to be updated: kdepim %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgda6f265b8f3d11d88b290020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4AI score0.06151EPSS
Exploits0References21
Rows per page
Query Builder