22 matches found
CVE-2024-42347
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the...
Cross site scripting
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...
CVE-2023-30609
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message...
Debian: Security Advisory (DLA-2562-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2562-1 : mumble security update
It was discovered that there was a a remote code execution vulnerability in mumble, a VoIP client commonly used for group chats. The exploit could have been been triggered by a maliciously crafted URL on the server list. For Debian 9 'Stretch', this problem has been fixed in version...
[SECURITY] [DLA 2562-1] mumble security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2562-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 18, 2021 https://wiki.debian.org/LTS -...
Updated mumble packages fix security vulnerability
It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service CVE-2018-20743...
Qutecom Softphone 2.2.1 Heap Overflow DoS/Crash Proof of Concept
No description provided by source. Title: Qutecom Cross-platform, open source softphone Heap Overflow DoS/Crash Proof of Concept Date: 14th June 2012 Exploit Author: Debasish Mandal Author's Blog : http://www.debasish.in/ Vendor Homepage: http://qutecom.org/ Software Link:...
Debian Security Advisory DSA 2854-1 (mumble - several vulnerabilities)
Several issues have been discovered in mumble, a low latency VoIP client. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-0044 It was discovered that a malformed Opus voice packet sent to a Mumble client could trigger a NULL pointer dereference or an...
Polycom VoIP Client Detection
Binary data 6475.prm...
Debian Security Advisory DSA 2411-1 (mumble)
The remote host is missing an update to mumble announced via advisory DSA 2411-1. OpenVAS Vulnerability Test $Id: deb24111.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2411-1 mumble Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian: Security Advisory (DSA-2411-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2411-1 : mumble - information disclosure
It was discovered that Mumble, a VoIP client, does not properly manage permissions on its user-specific configuration files, allowing other local users on the system to access them. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 2411-1] mumble security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2411-1 [email protected] http://www.debian.org/security/ Florian Weimer February 19, 2012 http://www.debian.org/security/faq -...
Buffer overflow
Buffer overflow in the IUAComFormX ActiveX control in uacomx.ocx 2.0.1 in the eCentrex VOIP Client module allows remote attackers to execute arbitrary code via a long Username argument to the ReInit method...
CVE-2007-4489
The CVE-2007-4489 issue affects the IUAComFormX ActiveX control in uacomx.ocx 2.0.1, used by the eCentrex VOIP Client module. The root cause is a buffer overflow triggered by a long Username argument to the ReInit method, which can allow remote code execution. The available connected documents co...
eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit
No description provided by source. !-- 17/08/2007 04.41.37 eCentrex VOIP Client module uacomx.ocx 2.0.1 remote buffer overflow exploit ie6 / xp sp2 passing more than 164 chars to ReInit method in Username argument EAX 41414131 ECX 0013D444 ASCII "AAAAAAAA... EDX 00000000 EBX 00000000 ESP 0013D3A0...
eCentrex VOIP Client module - uacomx.ocx 2.0.1 Remote Buffer Overflow
eCentrex VOIP Client module - uacomx.ocx 2.0.1 Remote Buffer Overflow 'metasploit one, 456 bytes - cmd /c net user su tzu /add & net localgroup Administrators su /add scode =...
eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BOF Exploit
No description provided by source. !-- 17/08/2007 04.41.37 eCentrex VOIP Client module uacomx.ocx 2.0.1 remote buffer overflow exploit ie6 / xp sp2 passing more than 164 chars to ReInit method in Username argument EAX 41414131 ECX 0013D444 ASCII "AAAAAAAA... EDX 00000000 EBX 00000000 ESP 0013D3A0...
eCentrex VOIP Client module - 'uacomx.ocx 2.0.1' Remote Buffer Overflow
'metasploit one, 456 bytes - cmd /c net user su tzu /add & net localgroup Administrators su /add scode =...