
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector. Successful exploitation allows remote attackers to cause a denial of service (integer overflow and infinite loop).

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with QuickTime before 7.7.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with RLE encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with QuickTime before 7.7.2 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle sean atoms. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with QuickTime before 7.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted .pict file. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with Microsoft Windows Server 2008 R2, R2 SP1, Windows 7 Gold or SP1 on the x64 platform and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle system requests. Successful exploitation could allow attackers to gain privileges.



© SecPod Technologies