Table of Contents
======================================================================
Secunia Research 30/11/2010
- Winamp NSV Table of Contents Parsing Integer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
3. *Vulnerability Description*
Autodesk Softimage [2] is a 3D computer graphics application for
producing 3D computer graphics, 3D modeling, and computer animation.
Autodesk Softimage by default saves a .scntoc file along with the
scene content tree. The scene TOC (scene table of contents) is an
XML-based file that contains scene information. When you open a scene
file, Softimage looks for a corresponding scene TOC file and
automatically reads and applies the information it contains. Scene TOC
XML files can be modified to execute arbitrary commands without user
intervention by design. An attacker can take full control of the
>content within the CHM file using the Help File Viewer (hh.exe) until a user
>selects the file in Explorer and clicks the "Unblock" button under the file's
>properties, which resets the NTFS meta-data flag.
>
>This security feature can be bypassed by referencing external URI handlers
>from the CHM file's Table of Contents file, and links can be directly accessed
>regardless of the help file's locked state.
>
>Consider this example which references a local html file, and will not render:
>
><param name="Name" value="I will not work"> <param name="Local"
Secunia Research 17/03/2010
- Quicksilver Forums "mysqldump" Password Disclosure -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 08/04/2008
- Symantec Mail Security Applix Graphics Parsing Vulnerabilities -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 28/11/2007
- Symantec Backup Exec Job Engine Denial of Service -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 12/05/2010
- IrfanView PSD RLE Decompression Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 12/05/2010
- Adobe Shockwave Player Asset Entry Parsing Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 19/04/2010
- e107 Content Management Plugin Script Insertion Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 13/05/2010
- aria2 metalink "name" Directory Traversal Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 03/03/2009
- libsndfile CAF Processing Integer Overflow Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 09/12/2008
- Microsoft Excel NAME Record Array Indexing Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
- Novell iPrint Client ActiveX Control -
- "GetFileList()" Information Disclosure -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 15/07/2010
- GIGABYTE Dldrv2 ActiveX Control Unsafe Methods -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 15/11/2007
- Samba "reply_netbios_packet()" Buffer Overflow Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 12/05/2010
- Adobe Shockwave Player 3D Parsing Memory Corruption -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 08/04/2010
- Pulse CMS Arbitrary File Upload Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 20/01/2010
- Adobe Shockwave Player 3D Model Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 28/07/2010
- Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 08/04/2008
- Autonomy Keyview EML Reader Buffer Overflows -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 28/07/2010
- Autonomy KeyView wkssr.dll String Indexing Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 26/01/2010
- Google Chrome Pop-Up Block Menu Handling Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 14/12/2010
- Microsoft Office FlashPix Property Set Parsing Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 11/08/2010
- glpng PNG Processing Two Integer Overflow Vulnerabilities -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 08/04/2008
- Adobe Flash Player "Declare Function (V7)" Heap Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 31/03/2010
- Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 07/05/2009
- Garmin Communicator Plug-In Domain Locking Security Bypass -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 02/02/2009
- Free Download Manager Remote Control Server Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 02/02/2009
- Free Download Manager Torrent Parsing Buffer Overflows -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4
Secunia Research 10/12/2010
- RealPlayer AAC Spectral Data Parsing Vulnerability -
======================================================================
Table of Contents
Affected Software....................................................1
Severity.............................................................2
Vendor's Description of Software.....................................3
Description of Vulnerability.........................................4