Secunia Research has discovered a vulnerability in various VMWare products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the VMnc codec (vmnc.dll) and can be exploited to cause a heap-based buffer overflow via a specially crafted video file with mismatched dimensions. Successful exploitation may allow execution of arbitrary code.
98e5779cd33d22ed50f6e62e505b39329741b8a8e9298122fffb91d95633ff4eSecunia Research has discovered a vulnerability in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an off-by-one error in the iMonitor component when processing HTTP requests. This can be exploited to cause a stack-based buffer overflow via an HTTP request having a specially crafted "Accept-Language" header. Novell eDirectory versions 8.8 SP3 and 8.8 SP3 FTF3 are affected.
2f34e3feeeb38ee0c8b506220a1dac0bcaac3fe09cc192f9547318c22c6bcbcdSecunia Research has discovered a vulnerability in Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of Huffman encoded JBIG2 text region segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Adobe Reader version 9.1.0 is affected.
8628a799db013887f6f7638ae105c3171c982627797e972918ff84f183df7579Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the processing of MS ADPCM encoded audio data. This can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. Successful exploitation may allow execution of arbitrary code. Apple QuickTime version 7.6 is vulnerable.
a2a4b3b1f79137e0bdaa1f56ec9cb556a63484d2f019f3520bd9593a4fd3fe1bSecunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow error in "sadmind" when allocating memory for incoming "sadmind" requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation may allow execution of arbitrary code. Solaris versions 8 and 9 are affected.
2588276a4d4549d8fc09c553a149ec640174afe73c0379fa6574623a52c9e2ebSecunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in "sadmind" when decoding request parameters. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation allows execution of arbitrary code. Solaris versions 8 and 9 are affected.
6effaf2c14d97816be959ffb5ea357ea6d0c0ee1105a70e8cb1cbc0d3b392880Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error in pdftops while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. CUPS version 1.3.9 is affected.
69cecc15d52272c8c8a0897ee8b9850da490e32c9e15ea296b4599e738188a11Secunia Research has discovered a vulnerability in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Xpdf version 3.02pl2 is affected.
fa077be3403b3929a797bfc8071d7acf1a0ec98e5d1dda45ab503f0dff7e7e5cSecunia Research has discovered a vulnerability in DivX Web Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a signedness error in the processing of "STRF" (Stream Format) chunks. This can be exploited to cause a heap-based buffer overflow via a specially crafted DivX file. Successful exploitation may allow execution of arbitrary code by tricking a user into visiting a malicious website. Version 1.4.2.7 is affected.
54ea8ecf7fafd5257e181eedfb9f4396be203de36a9e6faff27b7efd86841baaSecunia Research has discovered a vulnerability in Ghostscript, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error in the included jbig2dec library while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Ghostscript version 8.64 is affected.
3e45593976ff44163557ee1faed79a1bbf8b00a557fd8e04db7f2215e79343ccSecunia Research has discovered a vulnerability Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of JBIG2 streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file containing a malformed JBIG2 symbol dictionary segment. Successful exploitation may allow execution of arbitrary code. Adobe Reader versions 8.1.3 and 9.0.0 are affected.
3a6f7e4aad0b7d0f7fb53f01f4c49768416ddd1ab350f118ec3c37a4d19d7965Secunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error when processing JBIG2 symbol dictionary segments. This can be exploited to dereference uninitialized memory via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code.
6ef4c16836c7610b92f1a0cb927a41ff77eee2ce316d8f26ef48ae1ddf06098cSecunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error in the libsndfile.dll library while processing CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking a user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Versions 5.541 and 5.55 of Winamp are affected.
e97f2fe73e532a5dec458183af5d69b27e62e2a71a4a255ef386e4dca35a6f89Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in the processing of CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking the user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Version 1.0.18 of libsndfile is affected.
b5eb317c23578aec59191a12b52b4f678a3da0e4fb73652dfa8b4375cf3a713aSecunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the CamImage.CamImage.1 ActiveX control (AxisCamControl.ocx) and can be exploited to cause a heap-based buffer overflow by assigning an overly long string to the "image_pan_tilt" property. Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into visiting and clicking a malicious web page. AXIS Camera Control version 2.40.0.0 is affected.
f0b0180856e9a0262f48ee0884649b780536e52f07ec1f178af12b3043c2f323Secunia Research has discovered a vulnerability in Trend Micro HouseCall, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an implementation error within the HouseCall ActiveX control (Housecall_ActiveX.dll). This can be exploited to e.g. download and load an arbitrary library file by specifying a custom update server. Successful exploitation allows execution of arbitrary code. Trend Micro HouseCall ActiveX Control versions 6.51.0.1028 and 6.6.0.1278 are affected.
9e66c81942f275bd4c568096bc7e97c86af7fb3bae3a6bbeb0c68e9f7a7968a2Secunia Research has discovered a vulnerability in Trend Micro HouseCall, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a use-after-free error in the HouseCall ActiveX control (Housecall_ActiveX.dll). This can be exploited to dereference previously freed memory by tricking the user into opening a web page containing a specially crafted "notifyOnLoadNative()" callback function. Successful exploitation allows execution of arbitrary code. Trend Micro HouseCall ActiveX Control versions 6.51.0.1028 and 6.6.0.1278 are affected.
f7d4170d51380b50b3229bbdfbfd97b6500d5154c69263a2bc8fd599516ec324Secunia Research has discovered a vulnerability in VLC Media Player versions 0.8.6h on Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error within the "Open()" function in modules/demux/wav.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted WAV file having an overly large "fmt" chunk.
e2f38b98275bda496b754a264185e18e366d990b4a6ce34468c89d7f4314050dSecunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser. Samba versions 3.0.28a and 3.0.29 are affected.
ace1e3490d62e1305a8527f476f4dc946ef19f53a86ef8ec100f95d0c1a120a2Secunia Research reported a vulnerability that allows for the execution of arbitrary code in smbd. This defect is is a result of an incorrect buffer size when parsing SMB replies in the routine receive_smb_raw(). Samba versions 3.0.0 through 3.0.29 are affected.
d7003f1c28c2ad87af590b45027e0424a9db86f02438797d09885e024d61f3e7Secunia Research has discovered a vulnerability in Adobe Flash Player, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of "Declare Function (V7)" tags. This can be exploited to cause a heap-based buffer overflow via specially crafted argument preload flags. Successful exploitation may allow execution of arbitrary code. Adobe Flash Player 9.0.115.0 is affected.
3008b08306d671064268d28e5e47b8bf5c3136bcacf087043bbc0748d3a5fe91Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "cli_scanpe()" function in libclamav/pe.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Upack" executable. Successful exploitation allows execution of arbitrary code. Versions 0.92 and 0.92.1 are affected.
a81b3d3c67a63c4ca6a31561c82906b1b5e76f01097c855531283798fd419e63Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "send_mailslot()" function. This can be exploited to cause a stack-based buffer overflow with zero bytes via a specially crafted "SAMLOGON" domain logon packet containing a username string placed at an odd offset followed by an overly long GETDC string. Samba version 3.0.27a is affected.
376828bcf7196a6f58b655b7aa9db87615a7a3a43f8bd8bb0026f562a2b0bbbbSecunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect is only be exploited when the "domain logons" parameter has been enabled in smb.conf. Samba versions 3.0.0 through 3.0.27a are affected.
7be840f338968d163f66836652eabb8e43e8b074bb11c1088262591d3245d4a5Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Successful exploitation allows execution of arbitrary code, but requires that Samba is configured to run as a WINS server (the "wins support" option is enabled). Samba version 3.0.26a is affected.
82afed15d3f975d552bba9eead56ad36e744e8f82013c3f2af53a1c26f333832
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed