1071 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the 1 flashuri, 2 flashwidth, or 3 flashheight in the scaldflashscaldprerender function in...
full_width_encode
This evasion plugin does full width encoding as described here: http://www.kb.cert.org/vuls/id/739224 Example: Input: /bar/foo.asp Output : /b%uFF61r/%uFF66oo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the...
Sun Java GIF File Handling Memory Corruption - Improved Performance (CVE-2007-0243)
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java is wide...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in tblgisvisualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2 visualizationSettingsheight parameter. NOTE: a third party reports that this ...
UBUNTU-CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service memory consumption and server crash via a large number of zero width elements in the client-properties map in a connection.start-ok message...
qpid-cpp: long arrays of zero-width types cause a denial of service
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service memory consumption and server crash via a large number of zero width elements in the client-properties map in a connection.start-ok message...
qpid-cpp: long arrays of zero-width types cause a denial of service
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service memory consumption and server crash via a large number of zero width elements in the client-properties map in a connection.start-ok message...
CVE-2013-0768
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies...
CVE-2011-3937
The H.263 codec libavcodec/h263dec.c in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changin...
CVE-2011-3937
CVE-2011-3937 concerns the H.263 decoder (libavcodec/h263dec.c) in FFmpeg and Libav, where the width/height could change when frame threads are used. Affected products/versions include FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and older Libav lines (0.5.x before 0.5.9, 0.6.x before 0.6.6, ...
Wordpress Plugin plg_novana Sql Injection Vulnerability
WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability. Exploit Title : Wordpress plgnovana plugin Sql Injection Exploit Author : Ashiyane Digital Security Team Discovered By : sil3nt Home : www.ashiyane.org Security Risk : High - SQL Injection Dork :...
UBUNTU-CVE-2012-4433
Multiple integer overflows in operations/external/ppm-load.c in GEGL Generic Graphics Library 0.2.0 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a large 1 width or 2 height value in a Portable Pixel Map ppm image, which triggers a...
CVE-2012-2784
Unspecified vulnerability in the decodepic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2777...
DEBIAN-CVE-2012-2784
Unspecified vulnerability in the decodepic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2777...
CVE-2012-2777
Unspecified vulnerability in the decodepic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2784...
DEBIAN-CVE-2012-2777
Unspecified vulnerability in the decodepic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2784...
DEBIAN-CVE-2012-2772
Unspecified vulnerability in the ffrv34decodeframe function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame threading."...
Design/Logic Flaw
Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...
CVE-2012-2804
CVE-2012-2804 describes an unspecified vulnerability in libavcodec/indeo3.c affecting FFmpeg up to 0.11 and Libav up to 0.8.5, with an issue related to the reallocation code affecting luma height/width. The connected docs identify FFmpeg/Libav as the affected software and reference multiple vendo...
CVE-2012-2777
Unspecified vulnerability in the decodepic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2784...