Page 5 of 90 results (0.004 seconds)

CVSS: 7.5EPSS: 7%CPEs: 73EXPL: 0

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 http://www.debian.org/security/2004/dsa-548 http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:089 http://www.redhat.com/support/errata/RHSA-2004-465.html http://www.securityfocus.com/bid/11084 https://exchange.xforce.ibmcloud.com/vulnerabilities/17182 https://oval.cisecurity.org •

CVSS: 7.5EPSS: 4%CPEs: 73EXPL: 0

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. • http://secunia.com/advisories/28800 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1 http://www.debian.org/security/2004/dsa-547 http://www.redhat.com/support/errata/RHSA-2004-480.html http://www.redhat.com/support/errata/RHSA-2004-494.html http://www.vupen.com/english/advisories/2008/0412 https://exchange.xforce.ibmcloud.com/vulnerabilities/17173 https://oval.cisecurity.org/repository/search& •

CVSS: 4.6EPSS: 2%CPEs: 62EXPL: 1

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. • http://bugzilla.mozilla.org/show_bug.cgi?id=250862 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/651928 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11177 http://www.us-cert.gov/cas/techalerts& •

CVSS: 10.0EPSS: 26%CPEs: 13EXPL: 3

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Múltiples desbordamientos de búfer en Sound eXchange (SoX) anteriores a 12.17 permite a atacantes remotos ejecutar código arbitrario mediante ciertos campos de cabecera de ficheros WAV. • https://www.exploit-db.com/exploits/374 https://www.exploit-db.com/exploits/369 http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000855 http://lwn.net/Articles/95529 http://lwn.net/Articles/95530 http://seclists.org/fulldisclosure/2004/Jul/1227.html http://secunia.com/advisories/12175 http://www.debian.org/security/2004/dsa-565 http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml h •

CVSS: 7.2EPSS: 0%CPEs: 55EXPL: 0

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. Múltiples vulnerabilidades desconocidas en el kernel de Linux 2.4 y 2.6 permiten a usuarios locales ganar privilegios o acceder a memoria del kernel, como se ha encontrado mediante la herramienta de comprobación de código fuente "Sparse". • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846 http://lwn.net/Articles/91155 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 http://www.novell.com/linux/security/advisories/2004_20_kernel.html http://www.redhat.com/support/errata/RHSA-2004-255.html http://www.redhat.com/support/errata/RHSA-2004-260.html http:/ •