The libavcodec library, an open source video encoding/decoding library part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability. Versions 0.6 and below are affected.
91eb4e7bc98d45207f87d7999b2a67a127df42b8c0587aab9c0f0d5d54643137Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.
1f0bab6915c38374d04f3409e9cca75897c9d33487ecd6ea9df084d256e824caJoomla versions 1.5.19 and below suffer from cross site scripting vulnerabilities.
3b4fb9c3327b271275a41e8fc47c6c2e117dced54ae4efa6839e9540481a5804lftp versions 4.0.5 and below, wget versions 1.12 and below and libwww-perl versions 5.034 and below all suffer from an unexpected download filename vulnerability.
5ed219b8e2a3ab25f425c235293340dcdc12aaef2f6702a1579c6025a9c9b1f7Ganeti versions greater than and equal to 1.2.9, 2.0.5, and 2.1.0-rc2 suffer from an arbitrary code execution vulnerability.
38ad9fb8176a29c49ef7d6bc05a8b7d39a8a5f0fd8c68eab4b4ac8fe36fc89c9PHP versions prior to 5.3.1 suffer from from several bugs that may pose a security risk. Issues such as buffer overflows, arbitrary memory reads, and more have been addressed.
c307d37e34d7297809aa54256b01c4c1dc7a04599f485122ab50a3cb3b7c3401KDE suffers from multiple insufficient validation vulnerabilities that can result in the execution of active content. Versions below 4.3.2 are affected.
ecdec1474c60e06f8d03ae23981515ca996b2e57443237988e158fc66e77b190Both the Poppler and Xpdf projects are vulnerable to an integer overflow during heap memory allocation when processing a PDF file. In general, this results in unexpected process termination. If an application using this code is multi-threaded (or uses a crash signal handler), it may be possible to execute arbitrary code. Poppler versions below 0.12.1 are affected. Xpdf versions below 3.02p14 are affected.
aafbc29fb69700ddfede45739b89f53ecdd9feddad2b8b638abff600d022e08bAll Android 1.5 RBxx versions suffer from two denial of service vulnerabilities.
c995af456c843424b240f60482ba90ae28845ebea4d06ffb4d5017efb6ce1227yTNEF, an open source filter program that decodes Transport Neutral Encapsulation Format (TNEF) e-mail attachments, and the Evolution TNEF attachment decoder plugin suffer from directory traversal and buffer overflow vulnerabilities.
80741074c87446822e602dc6983c0d6583846d23887b4bd2bf282906fe5d80a3Android, an open source mobile phone platform, improperly checks permissions when applications access the camera and audio resources. All 1.5 GRBxx versions are affected.
4b7c6f448acecc2ccbd344ea7c61afdac0b498f3432e5044a92d1cb41fd80890The mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.
0181f431cd410e4c33142e0c3e7cd11c54e2c56b58df8719276e741e9c0c3aedThe libtiff image library tools suffer from integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The libtiff package ships a library, for reading and writing TIFF, as well as a small collection of tools for manipulating TIFF images. The cvt_whole_image function used in the tiff2rgba tool and the tiffcvt function used in the rgb2ycbcr tool do not properly validate the width and height of the image. Specific TIFF images with large width and height can be crafted to trigger the vulnerability.
9e9c7deaec9dd58d4d77399f154f17a206dba8d37ca5edc54e61b7f12217a6adDillo, an open source graphical web browser, suffers from an integer overflow which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by HTML pages with embedded PNG images, the Png_datainfo_callback function does not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Versions 2.1 and below are affected.
0a9bd01bbd35cd229feb029c2a84091f982b71b8dbf99cb85b892b57eae472c1FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server among other things, it should be noted that this vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.
e8fb00e2c1d4004e9c9d5b6c8091560a3a8bc7b786b95c5a80061e93d79b8354CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.
6bce357007801b08db39f99787240e44b3e48ab2eb8fd2ac497872dcab4f8b7eAndroid, an open source mobile phone platform, improperly checks developer certificates when installing packages that request the shared user identifier (uid) permission. Android versions greater and equal to 1.5 CRB17 and less than or equal to 1.5 CRB42 are affected.
4529118996146152d1d83f69c6d70389ced40256af266233bb1f2cd14f0ae955AjaxTerm suffers from a session id collision vulnerability. Versions 0.10 and below are affected.
a26a4d03be722182ca819bc2bda3f25b415f54ecefc7b262acaebd030d3024e0Pango suffers from an integer overflow during heap allocation size calculations.
25824ba2d7dd0a37d1a590740cc4a39088732380d9d9c415e4dc4d4617ab7682LittleCMS, an open source color management engine, suffers from several integer errors, resulting in stack based buffer overflows and various heap errors as well as dangerous memory leaks. Decoding a specially crafted image file will result in unexpected process termination, Denial Of Service conditions or arbitrary code execution due to stack overflow. Versions 1.17 and below are affected.
5d153924342e064a181f332c2fe5c861183cf0ba99258a99b23ce5e1958ba492Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.
53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169The OpenCORE multimedia decoding subsystem suffers from an insufficient bounds checking vulnerability during MP3 decoding. Versions 2.0 and below are affected.
b7188685b4ebf996c46ba261e28de1087393ed44b83cbc02bbce72508eb66d36Several functions inside the OpenSSL library incorrectly check the result after calling the EVP_VerifyFinal function. This bug allows a malformed signature to be treated as a good signature rather than as an error. This issue affects the signature checks on DSA and ECDSA keys used with SSL/TLS. The flaw may be exploited by a malicious server or a man-in-the-middle attack that presents a malformed SSL/TLS signature from a certificate chain to a vulnerable client, bypassing validation.
f5724c1eba1778218b03f1b5af75356b08e95a08bbe2b92274df7f31dea9d59aThe MPlayer multimedia player suffers from a vulnerability which could result in arbitrary code execution and at the least, in unexpected process termination. Three integer underflows located in the Real demuxer code can be used to exploit a heap overflow, a specific video file can be crafted in order to make the stream_read function reading or writing arbitrary amounts of memory. Versions 1.0 RC2 and below are affected.
f47bbc552774c9b5545581209953d5f8219b79416c8f70eb63e89a8fd31e6423Two cross-site scripting (XSS) vulnerabilities were reported in Horde Framework. The first of which is that the Horde framework fails to properly sanitize the filename of MIME attachments on received emails. The second vulnerability has a wider impact. Horde relies on code similar to Popoon's externalinput.php to filter out potential XSS attacks on user-supplied input. This filter, and the original, fail to fully sanitize user data.
acda1d56ba4b8127f008b4511f6c73504b17ce52451cced4c4ab5e70aa2f8410
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed