[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253928

 
 

909

 
 

198006

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15202 Download | Alert*

It was found that glusterfs-common server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using "alloca". An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution.

An exploitable integer overflow exists in the "CustomData" Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to edit an object within a .blend library in ...

Memory corruption in rdp_in_unistr

An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created ".avi" file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerabili ...

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service via a crafted file.

A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs-common server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs-common server node.

Major information leak in ui_clip_handle_data

An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vul ...

It was found that the "mknod" call derived from mknod can create files pointing to devices on a glusterfs-common server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs-common server node.

The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the "__server_getspec" function via the "gf_getspec_req" RPC message. A remote authenticated attacker could exploit this to cause a denial of service or other potential unspecified impact.


Pages:      Start    516    517    518    519    520    521    522    523    524    525    526    527    528    529    ..   1520

© SecPod Technologies