Showing 26 - 34 of 34

Files from Chris Evans

libexslt-overflow.txt: Posted Jul 31, 2008; Authored by Chris Evans; The libexslt library bundled with libxslt is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is present in the rc4 encryption/decryption functions. Versions 1.1.8 and above and 1.1.24 and below are affected.; tags | advisory, overflow, arbitrary, code execution; advisories | CVE-2008-2935; SHA-256 | 02774ffc00a1109e47a89ae5bf7cae9109a21ab74ca69164ed59e8c5d4f33966; Download | Favorite | View

jdk-overflow.txt: Posted Mar 12, 2008; Authored by Chris Evans; A couple more JPEG ICC parsing bugs were fixed in the latest JDK updates. Link to a malicious JPEG included.; tags | advisory, overflow; SHA-256 | 7733f14ba82041871e9e880fa5b320f8d44d631e00cf2e0e340c225595e2abe3; Download | Favorite | View

ghostscript-overflow.txt: Posted Mar 3, 2008; Authored by Chris Evans; Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.; tags | advisory, overflow; SHA-256 | a7a1a9152fc71552b1f14f698f66e184c5ac9a1846e81b33abc4a33e260b713b; Download | Favorite | View

MDKSA-2004:113.txt: Posted Oct 27, 2004; Authored by Chris Evans | Site mandrakesoft.com; Mandrake Linux Security Update Advisory - Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution.; tags | advisory, overflow, arbitrary, code execution; systems | linux, mandrake; advisories | CVE-2004-0888, CVE-2004-0889; SHA-256 | 38339c35eb37ea1704d38fa5c8d7a983c7db524a7de177b38224327194a45663; Download | Favorite | View

Chris Evans Security Advisory 2004.5: Posted Sep 17, 2004; Authored by Chris Evans; gtk+ version 2.4.4 has heap and stack-based overflows that can allow for the compromise of an account used to browse a malicious XPM file.; tags | advisory, overflow; advisories | CVE-2004-0782, CVE-2004-0783; SHA-256 | 109cfb0bda1034d53ac5db82dc78234e1d4ebcc321a14ba9479ce9f09f61a3f0; Download | Favorite | View

Chris Evans Security Advisory 2004.3: Posted Sep 17, 2004; Authored by Chris Evans; libXpm versions below 6.8.1 suffer from multiple stack and integer overflows.; tags | advisory, overflow; advisories | CVE-2004-0782, CVE-2004-0783; SHA-256 | fbd8d4486d62e535a9c1f5d140133d5544c6c2766a0a06ffdf2218a3d4d8b4d9; Download | Favorite | View

Chris Evans Security Advisory 2004.4: Posted Aug 20, 2004; Authored by Chris Evans | Site scary.beasts.org; qt version 3.3.2 has a heap overflow in its BMP parser.; tags | advisory, overflow; advisories | CVE-2004-0691; SHA-256 | a87464ce36d5b5cca9bf4c0ce0467eb6dfb66ef37ec4771fa65754ecf1be3997; Download | Favorite | View

Chris Evans Security Advisory 2004.1: Posted Aug 5, 2004; Authored by Chris Evans; libpng version 1.2.5 is susceptible to stack-based buffer overflows and various other code concerns.; tags | advisory, overflow; advisories | CVE-2004-0597, CVE-2004-0598, CVE-2004-0599; SHA-256 | 9fc510600a44d8e31608573552503b13a04a1c01395734a87d480c64618ef40c; Download | Favorite | View

DoS.knfsd: Posted May 17, 2000; Authored by Chris Evans; A DoS condition exists in the Linux kernel knfsd server. Remote, unauthenticated users (i.e. those with neither a directory mounted nor permission to mount one) can OOPS the host kernel. The OOPS does not bring down the target host, but it is possible to render the NFS service inoperable until a reboot.; tags | remote, denial of service, kernel; systems | linux; SHA-256 | 7a554cf14acdc3fef95cadd5e0b687b47576cc0e8024390737cb14e3860d6e69; Download | Favorite | View

Page 2 of 2 Back 1 2 Next

Top Authors In Last 30 Days