A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.
22dd5e111e5c4f6aa908cc54c3e0e83aThe libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data outside a destination buffer boundaries. The vulnerability affects the Chinese AVS video (CAVS) file format decoder, specially crafted CAVS files may lead to arbitrary code execution during decoding.
5972a65dc973e40b0d9708a977ed364dChyrp versions 2.1 and below suffer from cross site scripting, local file inclusion, shell upload, and directory traversal vulnerabilities. Both the oCERT and original advisories are included here.
d2e9d03bb363c9b30358d7e88edeeb59The libavcodec library, an open source video encoding/decoding library part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability. Versions 0.6 and below are affected.
c04676de70ace56cf68c31687cda89b4Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.
1f65a4ef40d4652202b98d90a136a562Joomla versions 1.5.19 and below suffer from cross site scripting vulnerabilities.
aa5ce398683961f978d74585ae5e49a2lftp versions 4.0.5 and below, wget versions 1.12 and below and libwww-perl versions 5.034 and below all suffer from an unexpected download filename vulnerability.
865c279bde60de827006f34305c6abccGaneti versions greater than and equal to 1.2.9, 2.0.5, and 2.1.0-rc2 suffer from an arbitrary code execution vulnerability.
ec1e5f6ccb9b1385a358b44d724ff709PHP versions prior to 5.3.1 suffer from from several bugs that may pose a security risk. Issues such as buffer overflows, arbitrary memory reads, and more have been addressed.
cdca4af8433ec6b68de31c06585615daKDE suffers from multiple insufficient validation vulnerabilities that can result in the execution of active content. Versions below 4.3.2 are affected.
6fc99ca72f8b5208b0333b8b1b8747f9Both the Poppler and Xpdf projects are vulnerable to an integer overflow during heap memory allocation when processing a PDF file. In general, this results in unexpected process termination. If an application using this code is multi-threaded (or uses a crash signal handler), it may be possible to execute arbitrary code. Poppler versions below 0.12.1 are affected. Xpdf versions below 3.02p14 are affected.
17ed35fa020f70c293c01bdefa9277fdAll Android 1.5 RBxx versions suffer from two denial of service vulnerabilities.
c7be15aac3e23fee02e4ba095f0dddd6yTNEF, an open source filter program that decodes Transport Neutral Encapsulation Format (TNEF) e-mail attachments, and the Evolution TNEF attachment decoder plugin suffer from directory traversal and buffer overflow vulnerabilities.
916f7f91a9a0027c035d7ad8a70ca3f5Android, an open source mobile phone platform, improperly checks permissions when applications access the camera and audio resources. All 1.5 GRBxx versions are affected.
757508375af779890149063db6295b6fThe mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.
c7054415cf4b97f427efeec7cef352edThe libtiff image library tools suffer from integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The libtiff package ships a library, for reading and writing TIFF, as well as a small collection of tools for manipulating TIFF images. The cvt_whole_image function used in the tiff2rgba tool and the tiffcvt function used in the rgb2ycbcr tool do not properly validate the width and height of the image. Specific TIFF images with large width and height can be crafted to trigger the vulnerability.
fcb3f51181cf6c6954e889e7098ad494Dillo, an open source graphical web browser, suffers from an integer overflow which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by HTML pages with embedded PNG images, the Png_datainfo_callback function does not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Versions 2.1 and below are affected.
828e7861ba812ab27254e74ea5809acbFCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server among other things, it should be noted that this vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.
7f3b395b7d13a83c0e65efe52d9ee4e8CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.
4fa5917b93622cf557fa89435814a10bAndroid, an open source mobile phone platform, improperly checks developer certificates when installing packages that request the shared user identifier (uid) permission. Android versions greater and equal to 1.5 CRB17 and less than or equal to 1.5 CRB42 are affected.
4dbaa2f5640fe4f326b34028b69909f5AjaxTerm suffers from a session id collision vulnerability. Versions 0.10 and below are affected.
4c400d7be74a21f486f1d135f7d48311Pango suffers from an integer overflow during heap allocation size calculations.
5b625b1fb99725e0ed7490a7e1dc50c8LittleCMS, an open source color management engine, suffers from several integer errors, resulting in stack based buffer overflows and various heap errors as well as dangerous memory leaks. Decoding a specially crafted image file will result in unexpected process termination, Denial Of Service conditions or arbitrary code execution due to stack overflow. Versions 1.17 and below are affected.
1b17b9ec080bda20fd137c377aa1497fBase64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.
14e09a36cebfeef1876eb083dcfdcce0The OpenCORE multimedia decoding subsystem suffers from an insufficient bounds checking vulnerability during MP3 decoding. Versions 2.0 and below are affected.
d6e9159ad3fd47663a2006705737d01c
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed