what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

EMC AlphaStor 4.0 Build 116 Buffer Overflow
Posted May 9, 2013
Site emc.com

A buffer overflow vulnerability exists in EMC AlphaStor that could potentially be exploited by a malicious user to create a denial of service condition or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2013-0946
SHA-256 | 404c2ed57cf66622d085924cf32617827a359da5b06dc524e83d1ec35939780f

Related Files

Gentoo Linux Security Advisory 201208-01
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-1 - A buffer overflow in socat might allow remote attackers to execute arbitrary code. Versions less than 1.7.2.1 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-0219
SHA-256 | 5ba3149b5f1771cf176c32952ee57223f04b09538cb30fff6bad71d6dd9db4d3
Mandriva Linux Security Advisory 2012-105
Posted Jul 13, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-105 - Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code. This update provides pidgin 2.10.6, which is not vulnerable to this issue.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-3374
SHA-256 | 7c185305688a5cfa89d9db251c3b24316e457ced47fbef3f5bb81d3426a8a0ee
Gentoo Linux Security Advisory 201207-03
Posted Jul 10, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201207-3 - A buffer overflow vulnerability in ChaSen could result in the execution of arbitrary code. Versions less than 2.4.4-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-4000
SHA-256 | 6a8d51168fa63fe562deb52893a4f50c18f8830a2ad6aa032d44bf69ed8068de
Debian Security Advisory 2509-1
Posted Jul 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2509-1 - Ulf Harnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash, and in some circumstances can lead to remote code execution.

tags | advisory, remote, overflow, code execution, protocol
systems | linux, debian
advisories | CVE-2012-3374
SHA-256 | 34f459309c2d1dcbc50629b0c7d27153a6e3700d8fdab0296501357511e10da3
Mandriva Linux Security Advisory 2012-101
Posted Jul 5, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-101 - libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. An attacker could use these flaws to create a specially-crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-2088, CVE-2012-2113
SHA-256 | e81bc3fded716546e6bd858f7b6520b39a17eed684d0ca55ad4f000fcdc900f2
Plow 0.0.5 Buffer Overflow
Posted Jul 4, 2012
Authored by Jean Pascal Pereira

Plow command line playlist generator version 0.0.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 1b0190493c6d4750f65fb5bf9746711aff97801af066f351fcc086f07d490965
Red Hat Security Advisory 2012-1054-01
Posted Jul 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1054-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. An attacker could use these flaws to create a specially-crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2088, CVE-2012-2113
SHA-256 | aa7091faf66f19c024f40bef276e0d72c10f88b0a3f2bd15a274362485c96a2d
Red Hat Security Advisory 2012-1043-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2149
SHA-256 | e23252ae448c1a44a7f03eeeafc940ab7c8d750681fe5a9dbffb9731f0bfe7c1
Gentoo Linux Security Advisory 201206-07
Posted Jun 21, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-7 - A buffer overflow vulnerability in nginx could result in the execution of arbitrary code. Versions less than 1.0.15 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-2089
SHA-256 | 33aca67b416b7c51afaab4dee2974dd8f64efde12504f417dc3b9bded504aff2
Red Hat Security Advisory 2012-0880-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0880-04 - Qt is a software toolkit that simplifies the task of writing and maintaining GUI applications for the X Window System. HarfBuzz is an OpenType text shaping engine. A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. A flaw was found in the way Qt handled X.509 certificates with IP address wildcards. An attacker able to obtain a certificate with a Common Name containing an IP wildcard could possibly use this flaw to impersonate an SSL server to client applications that are using Qt. This update also introduces more strict handling for hostname wildcard certificates by disallowing the wildcard character to match more than one hostname component.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-5076, CVE-2011-3922
SHA-256 | 88fdefaee5d521cf6eb6d97528778445e48f16725d34e7207c5a2cb76e6cb77b
Red Hat Security Advisory 2012-0743-01
Posted Jun 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0743-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A buffer overflow flaw was found in the macvtap device driver, used for creating a bridged network between the guest and the host in KVM environments. A privileged guest user in a KVM guest could use this flaw to crash the host. Note: This issue only affected hosts that have the vhost_net module loaded with the experimental_zcopytx module option enabled, and that also have macvtap configured for at least one guest.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2012-0044, CVE-2012-1179, CVE-2012-2119, CVE-2012-2121, CVE-2012-2123, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373
SHA-256 | 2480f3d6a1b6962283dd9e04ff5f1211daab9bed3388bb442c0b82afde24b21d
Debian Security Advisory 2495-1
Posted Jun 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2495-1 - A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service.

tags | advisory, denial of service, overflow
systems | cisco, linux, debian
advisories | CVE-2012-3291
SHA-256 | 442b6bf476818c5707cbcf2328190e8b4cc3499ff967a3ec60ad5c4de6262e62
TFM MMPlayer (m3u/ppl File) Buffer Overflow
Posted Jun 16, 2012
Authored by RjRjh Hack3r | Site metasploit.com

This Metasploit module exploits a buffer overflow in MMPlayer 2.2 The vulnerability is triggered when opening a malformed M3U/PPL file that contains an overly long string, which results in overwriting a SEH record, thus allowing arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-80532
SHA-256 | 94a5538fac833ce0d40cb77f27f7d48f3d8f56c693a6be7f095f4777f86bcb80
Sielco Sistemi Winlog Buffer Overflow 2.07.14
Posted Jun 8, 2012
Authored by m1k3 | Site metasploit.com

This Metasploit module exploits a buffer overflow in Sielco Sistem Winlog <= 2.07.14. When sending a specially formatted packet to the Runtime.exe service on port 46824, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | 1a8bb46f85df789796e7923d8179c18365a8ea6bf644f0480c03f28ecc53fa3c
Zero Day Initiative Advisory 12-089
Posted Jun 7, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP packet, the application will trust a size field in the packet. The application will use this size in a copy operation into a statically sized buffer which can cause a buffer overflow. This can lead to code execution under the context of the service.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-4164
SHA-256 | 43d89dc6d8f2896d4073d62babb332c51c310b1770c3161b7ee5c9e499ed4724
Zero Day Initiative Advisory 12-088
Posted Jun 7, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in this packet, the application will use a signed length to copy data into a statically sized buffer located on the stack. This can lead to a buffer overflow on the stack and allow for code execution under the context of the service.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-4163
SHA-256 | f203aea2ee76cb87d0d30eb0dcf903a08388cd2b6769d0937ce793c27023bc74
Zero Day Initiative Advisory 12-075
Posted Jun 6, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-075 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec. When decompressing the sample, the application will fail to accommodate for the canvas the sample is rendered into. This can cause a buffer overflow and thus can be taken advantage of in order to gain code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2012-0668
SHA-256 | d5468bb73b626a9a652d543969f2fda02d088248591c4fe62f3624ccad53adb2
Sielco Sistemi Winlog 2.07.14 Buffer Overflow
Posted Jun 5, 2012
Authored by m1k3

Sielco Sistemi Winlog version 2.07.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 71dc0e478c018802c78851d100f2652f7e842e3e1604094dcb13528a24d8940e
Red Hat Security Advisory 2012-0705-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-1149, CVE-2012-2334
SHA-256 | 6a657f9b42a90e909284ccc79fb9187564b90245173cbab2a1f6851f0a6a3370
Sysax 5.60 Create SSL Certificate Buffer Overflow
Posted Jun 4, 2012
Authored by Craig Freyman

Sysax versions 5.60 and below suffer from a buffer overflow vulnerability when creating an SSL certificate.

tags | exploit, overflow
SHA-256 | 25b09a6e92ff4d9c00a80eaae87713ec5fe32db0a7d9c1c488dd9ed1a7a31810
Gentoo Linux Security Advisory 201206-02
Posted Jun 3, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-2 - A buffer overflow in QtGui could result in execution of arbitrary code or Denial of Service. Versions less than 4.7.4-r1 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-3194
SHA-256 | 3e8fe99c5b4cd12ef5e54050c573dfb17c9be459a9ae7b4a445a8accc9356713
GIMP script-fu Server Buffer Overflow
Posted Jun 2, 2012
Authored by juan vazquez, Joseph Sheridan | Site metasploit.com

This Metasploit module exploits a buffer overflow in the script-fu server component on GIMP <= 2.6.12. By sending a specially crafted packet, an attacker may be able to achieve remote code execution under the context of the user. This Metasploit module has been tested on GIMP for Windows from installers provided by Jernej Simoncic.

tags | exploit, remote, overflow, code execution
systems | windows
advisories | CVE-2012-2763, OSVDB-82429
SHA-256 | 639458a065dfbd4eece13f18e4a4a8606ca0ea7c1392c33c55adb20317d1bdad
GIMP 2.6 script-fu Buffer Overflow
Posted May 31, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

There is a buffer overflow in the script-fu server component of GIMP (the GNU Image Manipulation Program) in all 2.6 versions (Windows and Linux versions) affecting both the script-fu console and the script-fu network server. A crafted msg to the script-fu server overflows a buffer and overwrites several function pointers allowing the attacker to gain control of EIP and potentially execute arbitrary code. Proof of concept code included.

tags | exploit, overflow, arbitrary, proof of concept
systems | linux, windows
advisories | CVE-2012-2763
SHA-256 | 3314be7d12f71ac43757fa38c7b5d582d33d0a31d034dd7a8a87b9037b9edecb
ispVM System XCF File Handling Overflow
Posted May 28, 2012
Authored by unknown, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in ispVM System 18.0.2. Due to the way ispVM handles .xcf files, it is possible to cause a buffer overflow with a specially crafted file, when a long value is supplied for the version attribute of the ispXCF tag. It results in arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-82000
SHA-256 | dd306ebaa1dbb06e60f50cd822da5c809e6e45d3a3bec14bed35322b5703fd6a
ResEdit 1.5.11-win32 Buffer Overflow
Posted May 25, 2012
Authored by Walied Assar

ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

tags | exploit, denial of service, overflow, proof of concept
systems | linux, windows
SHA-256 | b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfede
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close