.:[ packet storm ]:.
                           
know better
know better

 ///  File Name:oCERT-2009-009.txt
Description:
CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.
Author:Andrea Barisani
Homepage:http://www.ocert.org/
File Size:1607
Related CVE(s):CVE-2009-2295
Last Modified:Jul 2 15:01:23 2009
MD5 Checksum:4fa5917b93622cf557fa89435814a10b

 .:. Back
 

 ///  Last 10 Files
  1. :· MDVSA-2010-062.txt
  2. :· CA20100318-01.txt
  3. :· opennhrp-0.11.5.tar.bz2
  4. :· libnids-1.24.tar.gz
  5. :· skipfish-1.03b.tgz
  6. :· wazzumdating-shell.txt
  7. :· edisplay-postauth.txt
  8. :· edisplay-preauth.txt
  9. :· ibmlotus-httpsplitting.txt
  10. :· joomlajetooltip-lfi.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2010-062.txt
  2. :· CA20100318-01.txt
  3. :· USN-915-1.txt
  4. :· dsa-2018-1.txt
  5. :· dsa-2015-1.txt
  6. :· miranda-fail.txt
  7. :· USN-914-1.txt
  8. :· secunia-qfxsrf.txt
  9. :· secunia-qfbidisclose.txt
  10. :· secunia-qfmddisclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· wazzumdating-shell.txt
  2. :· edisplay-postauth.txt
  3. :· edisplay-preauth.txt
  4. :· ibmlotus-httpsplitting.txt
  5. :· joomlajetooltip-lfi.txt
  6. :· directadmin1344-xsrf.txt
  7. :· islamicvoice-insecure.txt
  8. :· islamicvoice-sql.txt
  9. :· xilisoft-overflow.py.txt
  10. :· phpwind-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· opennhrp-0.11.5.tar.bz2
  2. :· skipfish-1.03b.tgz
  3. :· sipwitch-0.7.4.tar.gz
  4. :· dff-0.5.0-src.tar.gz
  5. :· buck-security_0.4.zip
  6. :· iexploder-1.5.tgz
  7. :· whatweb-0.4.tar.gz
  8. :· sqlmap-0.8.tar.gz
  9. :· nuxkeylogger0.0.1.c
  10. :· samhain-2.6.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· libnids-1.24.tar.gz
  2. :· plumbercon10-cfp.txt
  3. :· skypeimbot-analysis.pdf
  4. :· IranianNames.txt
  5. :· darkmysqli-injection.pdf
  6. :· tcpdump.pdf
  7. :· physical-terminations.pdf
  8. :· common-ports.pdf
  9. :· Wireshark_Display_Filters.pdf
  10. :· VLANs.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice