Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing specially crafted TGA image files. This is due to an application failure to sanitize the parameter Color Map Entry Size while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it, when the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
cd67a822ff370f9dc2ed6a580dba164b1c12edeed9edaa46caf6dc4a6956aab4Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing the specially crafted TGA image files. This is due to application failure to sanitize the parameter ImageWidth value while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it, when the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
7f7c93d74581c8bf0e5a052e5abee464179161e6e4b50965e105653b5072be4cFortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered an improper memory access vulnerability in the Apple QuickTime Player. The vulnerability exists when parsing specially crafted TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it, when the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause memory access violation, leading to potential arbitrary command execution.
b631a860862da4e90b8e54eb3187262c7fb600075606e26c73dd38261da6474fFortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a Denial of Service Vulnerability in the Apple QuickTime Player. Apple QuickTime has a denial of service vulnerability in parsing the specially crafted TIFF image files. This is due to an application failure to sanitize the parameter ImageWidth value while parsing TIFF image files. A remote attacker could construct a web page with a specially crafted tiff file and entice a victim to view it, when the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will a cause memory access violation, leading to denial of service.
baab435debc09cc8f4dc4ab92b9e3e3b495072880b982fe42813601b6099cba5Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a vulnerability in the Apple QuickTime Player. Apple QuickTime has a vulnerability in parsing the specially crafted TIFF image files. This is due to application failure to sanitize the parameter StripOffsets value while parsing TIFF image files. A remote attacker could construct a web page with specially crafted tiff file and entice a victim to view it, when the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
3b588cf7f6f92dd97bbaf61f07231058a4a3d25ed43f154b696b82c9a40f1898Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing the specially crafted TIFF image files. This is due to application failure to sanitize the parameter StripByteCounts while parsing TIFF image files. A remote attacker could construct a web page with specially crafted tiff file and entice a victim to view it, when the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, and leading to potential arbitrary command execution.
09a92ec1846789359ad9a5d09cdc149c4401610255743ba875be582f9035afd4Wordcircle 2.17 is susceptible to SQL injection and cross site scripting flaws. Exploitation details provided.
cfbaca141f33fbd3f94c5292e59db592091d0f2814113d049ab2029dff58c815Wordcircle version 2.17 is susceptible to SQL injection attacks that allows for authentication bypass. Exploitation details provided.
03db31b609ab28517fa463c90a4a6207e7660ea232e5adca2d71d60c52e5f467TankLogger version 2.4 is susceptible to SQL injection attacks. Exploitation details provided.
1d6a67762af5cc3470ae87fa925528892796b1ed012e1ccb5c48482c3ac921daACal version 2.2.5 is susceptible to system bypass.
a7032d684662eea5898f916e53684a1d0583490dbd527e001fa32e026c8a5a2eHelm version 3.2.8 is susceptible to cross site scripting attacks.
98f6d7f5855ce6ab1b9554f2db091a9884c3041a4f6b80c4407d78668a2a8c46Clam AntiVirus versions 0.80 through 0.87.1 suffer from a code execution flaw during the uncompressing of files compressed with with FSG version 1.33.
e5cbb610d8a410d3a4bfe8dea11e86e4a99a95bd75e78fb2dfe90c27cd0fef1fH-Sphere versions 2.4.3 Patch 8 and below suffer from a cross site scripting vulnerability.
01f1b7916b7aa517c3d61becc582f024b4788ff0c1e2cb131e4e4417227b4346Hardened-PHP Project Security Advisory - PHP5 comes with the new mysqli extension, which recently got a new error reporting feature using exceptions. When an exception for such an error is thrown the error message is used as format string. Depending on the situation and configuration, f.e. a malicious MySQL server or an erroneous SQL query (f.e. through SQL injection) can result in PHP reporting a (partly) user supplied error message, which can result in triggering the format string vulnerability, which can lead to remote code execution. Versions 5.1 through 5.1.1 are affected. PHP4 is not affected.
18ec3642ab2d62fd5a42bd5d1437d23a8fe3f61f1cff06e814d6b1aa5c3b93adHardened-PHP Project Security Advisory - Since PHP5 a user supplied session ID is sent back to the user within a Set-Cookie HTTP header. Because there were no checks performed on the validity of this session id, it was possible to inject arbitrary HTTP headers into the response body of applications using PHP's builtin session functionality by supplying a special crafted session id. Versions 5.1.1 and below are affected. PHP4 is not affected.
4971bbe2e06b48a7908ab9d7d47baf826e68790f86a6405adda7b5e886c9d6e9Cisco Security Advisory - A vulnerability exists in Cisco Aironet Wireless Access Points (AP) running IOS which may allow a malicious user to send a crafted attack via IP address Resolution Protocol (ARP) to the Access point which will cause the device to stop passing traffic and/or drop user connections. Repeated exploitation of this vulnerability will create a sustained DoS.
9e44188c7f19445fc07867995b3ef8eac60426ddd5499d48f8cca001d063c680The PHP Toolkit for PayPal version 0.50 is susceptible to payment system bypass and sensitive information disclosure.
43b246935bab9babfa249877cd96f914cbb0f5db65ce90946baa156f04205185Debian Security Advisory DSA 937-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in tetex-bin, the binary files of teTeX, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
cdc9ec56d3dcb6f9b94ad26d56a66168bd2d076d82981f4c60ca29a34219df94FogBugz versions 4.029 and below suffer from a cross site scripting vulnerability.
69bcc10ae466ddfbc9181b97006a4351051b6e3e1b49b31a209a3bf0c849a5cbInterspire TrackPoint NX versions below 0.1 suffer from a cross site scripting vulnerability.
bc4986d450edf7480ea5ddb37c233abdcb96810d7403be4ed571727bcb7da91bTechnical Cyber Security Alert TA06-011A - Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.
0c0b8f8abdfddc63d81776abdf6b6b68c7a274f47f34ee7f05bdec6bf949f506Red Hat Security Advisory - A cross-site scripting flaw was found in the way Struts displays error pages. It may be possible for an attacker to construct a specially crafted URL which could fool a victim into believing they are viewing a trusted site.
27a1781d3d2f97e4e625310dacf41e0c2fee5bf4defb046d8925ae3d6a770540eEye Security Advisory - eEye Digital Security has discovered a critical heap overflow in the Apple Quicktime player that allows for the execution of arbitrary code via a maliciously crafted GIF file. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls.
cc94c3ea3b6b057626aed1b68cf54134be69b95753dba40f5fb6627667ad207feEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player or application hosting the QuickTime plug-in. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible.
18acba653b6ffeaa75541090e022e221bd6522834bc69e991dccdbe23eff3ff3eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player or application hosting the QuickTime plug-in. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible.
de6c4384d0c4457c6aa83c3b2b67e9967d072d34865aa140328debd4221776b4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed