andrea barisani vulnerabilities and exploits

(subscribe to this query)

NA

Heap-based buffer overflow in zgv prior to 5.8 and xzgv prior to 0.8 might allow user-assisted malicious users to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required...

Xzgv Xzgv

NA

Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent malicious users to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.

Libtiff Libtiff 3.8.2

2 EDB exploits

NA

pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote malicious users to sniff the password.

Padl Nss Ldap -Padl Pam Ldap -

NA

Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 up to and including 3.8.2, 3.9, and 4.0 allow context-dependent malicious users to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buff...

Libtiff Libtiff 3.8.0 Libtiff Libtiff 3.8.1 Libtiff Libtiff 3.9 Libtiff Libtiff 4.0 Libtiff Libtiff 3.8.2

NA

poprelayd script prior to 2.0 in Cobalt RaQ3 servers allows remote malicious users to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.

Sun Cobalt Raq 3i

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook