Mp3splt 'cue.c' Null Pointer Reference Denial of Service Vulnerability

Mp3splt is an mp3 music cutter. A denial of service vulnerability exists in the cue.c file in Mp3splt version 0.9.2. An attacker can exploit this vulnerability to cause a denial of service application crash...

swfstrings rfxswf.c file swf_GetU8 function debug code denial of service vulnerability

SWFTools is a collection of SWF manipulation and creation utility authoring software tools. swfstrings are text parsing tools. A debugging code denial of service vulnerability exists in swftools version 0.9.2 and swftools version 0.9.1. The vulnerability arises because the swfGetU8 function in th...

swfstrings swf_GetBits function 't-data' denial of service vulnerability

SWFTools is a set of software tools for SWF manipulation and creation of utility authoring. swfstrings is a text parsing tool. swftools0.9.2 and previous versions of swfstrings program swfGetBits function 't-data' is empty, resulting in access to the contents of the null pointer, triggering a...

Anchor CMS 0.9.2 Header Injection Vulnerability

Anchor CMS versions 0.9.2 and below suffer from a header injection vulnerability. Anchor CMS = 0.9.2 Current Version header injection in anchor/models/comment.php $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'From:...

openSUSE Security Update : quassel (openSUSE-SU-2014:0114-1)

Add back /etc/sysconfig/quasselcore bnc849850 - Drop fix-CVE-2013-6404.diff: Merged upstream - Update to 0.9.2 - Don't crash if /topic contains newlines. - Fix SSL-related issues. - Fix Phonon notifications not playing sound. - Pingout if connection drops during SASL auth phase. - Prevent...

PT-2012-5271 · Mf · Mf Gig Calendar Plugin

Name of the Vulnerable Software and Affected Versions: MF Gig Calendar plugin version 0.9.2 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page, which is a cross-site scripting XSS vulnerability. This enables attackers to...

Cotonti 0.9.2 - Multiple SQL Injections

Cotonti 0.9.2 - Multiple SQL Injections source: https://www.securityfocus.com/bid/48028/info Cotonti is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacke...

Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities

Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47626/info Kusaba X is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

SWFTools Multiple Integer Overflow Vulnerabilities

SWFTools is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Monkey HTTP Daemon < 0.9.3 Denial of Service Vulnerability

No description provided by source. Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. !/usr/bin/env python...

Wireshark AFS Dissector Denial of Service Vulnerability (Windows)

This host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodwiresharkafsdosvulnwin.nasl 5148 2017-01-31 13:16:55Z teissa $ Wireshark AFS Dissector Denial of Service Vulnerability Windows Authors: Nikita MR Copyright: Copyright c 2009 SecPo...

Code injection

ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/ogleaudio., b /tmp/oglecli., c /tmp/oglectrl., d /tmp/oglegui., e /tmp/oglempegps., f /tmp/oglempegvs., g /tmp/oglenav., and h /tmp/oglevout., temporary files, related to the 1...

WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting

WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/26432/info WP-SlimStat Plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...

DMCounter 0.9.2 -b - 'Kopf.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17756/info DMCounter is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious P...

DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion

DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion source: https://www.securityfocus.com/bid/17756/info DMCounter is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

DEBIAN-CVE-2005-4644

Cross-site scripting XSS vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag...

DEBIAN-CVE-2005-4065

SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2004-0915

Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hidecvsroot and forbidden settings, which could allow remote attackers to gain sensitive information...