what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

LibGD 2.2.2 Integer Overflow / Denial Of Service
Posted Aug 5, 2016
Authored by Kasper Leigh Haabb | Site secunia.com

Secunia Research has discovered a vulnerability in LibGD, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an integer overflow error within the "_gdContributionsAlloc()" function (gd_interpolation.c) and can be exploited to cause an out-of-bounds memory write access or exhaust available memory. Version 2.2.2 is affected.

tags | advisory, denial of service, overflow
advisories | CVE-2016-6207
MD5 | ed019bcb65da1d0ea371b5c93b2e6467

Related Files

Secunia Security Advisory 49142
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Baby Gekko, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b7ce1515a1962acaf44e5d72ecc4b3ee
Citrix Access Gateway Plug-in For Windows nsepacom Buffer Overflow
Posted Aug 1, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via an overly long "CSEC" HTTP response header. Successful exploitation allows execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.

tags | advisory, web, overflow, arbitrary, activex
systems | windows
advisories | CVE-2011-2592
MD5 | 1bc295b946271ecd2579f8f939622ef7
Citrix Access Gateway Plug-in For Windows nsepacom Integer Overflow
Posted Aug 1, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Content-Length" HTTP response header. Successful exploitation may allow execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.

tags | advisory, web, overflow, arbitrary, activex
systems | windows
advisories | CVE-2011-2593
MD5 | d7652baa48d94a73aa28dc3115aece5e
Secunia Security Advisory 45299
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | windows
MD5 | f1c22fc10d8fc23b66e14423c28db7ef
Cisco Linksys PlayerPT Active-X SetSource() Buffer Overflow
Posted Jul 17, 2012
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system. Successful exploitation allows execution of arbitrary code. Cisco Linksys PlayerPT ActiveX Control version 1.0.0.15 is affected. Other versions may also be affected.

tags | advisory, overflow, arbitrary, activex
systems | cisco
advisories | CVE-2012-0284
MD5 | 7f6a48e8406e1e958428ab0ef9b73cf2
Secunia Security Advisory 49196
Posted Jul 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | cc8512902ea83cde1ef1159ed35eedfd
Network Instruments Observer SNMP Processing Buffer Overflows
Posted Jun 8, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered two vulnerabilities in Network Instruments Observer, which can be exploited by malicious people to compromise a vulnerable system. A boundary error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing the community string can be exploited to cause a heap-based buffer overflow via a specially crafted SNMP datagram. An error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing an Object Identifier (OID) can be exploited to cause a heap-based buffer overflow via a specially crafted Trap PDU (0xA4) SNMP datagram sent to UDP port 162. Successful exploitation of the vulnerabilities allows execution of arbitrary code, but may require the attacker to enumerate or guess the SNMP port. Observer version 15.1 Build 0007.0000 is affected.

tags | advisory, overflow, arbitrary, udp, vulnerability
MD5 | 2d0ebd977fc8e9b3b0b33604223b6e17
Network Instruments Observer SNMP OID Processing Denial Of Service
Posted Jun 8, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.

tags | advisory, denial of service, overflow
advisories | CVE-2012-0274
MD5 | 409759421ffb449665a68945ab0a1c42
Secunia Security Advisory 46365
Posted May 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the JCE component for Joomla!, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 8cc2fa0510e0cd1769b5c5b1732d005f
Secunia Security Advisory 49206
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the JCE component for Joomla!, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 429c43dc519e6afdc2143f7e47849051
Secunia Security Advisory 48663
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a security issue in Quest Toad for Data Analysts, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | bc01ce7a001bf957ed33fe295a4e6cc3
RealNetworks Helix Server SNMP Master Agent Denial Of Service
Posted Apr 10, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered two vulnerabilities in RealNetworks Helix Server, which can be exploited by malicious people to cause a denial of service. RealNetworks Helix Server version 14.2.0.212 is affected.

tags | advisory, denial of service, vulnerability
MD5 | 8ae1e34c31da641f023a4273ba825630
RealNetworks Helix Server Credentials Disclosure
Posted Apr 10, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a security issue in RealNetworks Helix Server, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the user and administrative credentials being insecurely stored in the flat file database (\Program Files\Real\Helix Server\adm_b_db\users\). This can be exploited by local users to disclose the clear text passwords. RealNetworks Helix Server version 14.2.0.212 is affected.

tags | advisory, local, info disclosure
advisories | CVE-2012-1923
MD5 | 698cd5f4d0e7c3a41acb7d561335f8b9
Secunia Security Advisory 48719
Posted Apr 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Csound, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e35b6214ceb7b695c04dbaee09830ebb
Secunia Security Advisory 48148
Posted Apr 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Csound, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 2a4afd1101654981a37889eca69eab43
Secunia Security Advisory 45462
Posted Apr 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in MinaliC, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 358910b07b5741f8995af23a50cf4e20
Secunia Security Advisory 47585
Posted Feb 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Csound, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 04b7a3a640bf8b755c5c494861feb0db
NTR ActiveX Control StopModule() Input Validation
Posted Jan 12, 2012
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.

tags | advisory, arbitrary, activex
advisories | CVE-2012-0267
MD5 | 2c8a2024bca6163f58a076a2997feca7
NTR ActiveX Control Four Buffer Overflows
Posted Jan 12, 2012
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.

tags | advisory, overflow, activex
advisories | CVE-2012-0266
MD5 | bb2fb73522f7d89a541f1a1680cf29bb
Secunia Security Advisory 45166
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability, activex
MD5 | 5715c66234cc1a6ab5e1329d36b1fbfe
Secunia Security Advisory 46097
Posted Dec 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the WP Symposium plugin for WordPress, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 0fc5326884941708c3beda158da5964e
Secunia Security Advisory 46163
Posted Dec 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Wuzly, which can be exploited by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, script insertion attacks, SQL injection attacks, disclose sensitive information, and bypass certain security restrictions.

tags | advisory, vulnerability, xss, sql injection, csrf
MD5 | c41375c2ccbd2d7392454b7fb4299e07
Sterling Trader Data Processing Buffer Overflow
Posted Dec 13, 2011
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Sterling Trader, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Base.exe when processing network requests (code 176). This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to a certain TCP port. Successful exploitation allows execution of arbitrary code, but requires guessing the TCP port, which is dynamically assigned. Version 7.0.2 is affected.

tags | advisory, overflow, arbitrary, tcp
advisories | CVE-2011-3842
MD5 | 4d0fa857780b87bbc4f47cd75f293e79
Winamp AVI Processing Two Integer Overflows
Posted Dec 12, 2011
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered two vulnerabilities in Winamp version 5.622, which can be exploited by malicious people to compromise a user's system. An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk's size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.

tags | advisory, overflow, vulnerability
advisories | CVE-2011-3834
MD5 | 0002d0389c31bc4d0e910349e728a1bd
Secunia Security Advisory 47243
Posted Dec 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in the WP Symposium plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | a0388b4d13558e1319ddb337c0bbcd35
Page 1 of 4
Back1234Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close