TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. An attacker can exploit this issue to cause applications to crash with a segmentation fault, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. The following example is available: printf %.1100000000f 1.1
OpenBSD and NetBSD are prone to a denial-of-service vulnerability because they fail to properly parse format strings to the 'printf(1)' function. An attacker can exploit this issue to cause applications using the vulnerable call to crash with a segmentation fault, denying service to legitimate users.
Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with elevated privileges, execute arbitrary code, and cause denial-of-service conditions. Other attacks are also possible.
Mozilla Firefox and SeaMonkey are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code and to cause denial-of-service conditions by tricking a victim into visiting a malicious webpage.
Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions.
KDE is prone to multiple input-validation vulnerabilities that affect 'Ark', 'IO Slaves', and 'Kmail'. An attacker can exploit these issues by tricking an unsuspecting victim into opening a malicious file. A successful attack will allow arbitrary attacker-supplied JavaScript to run in the context of the victim running the affected application.
VMware products are prone to a directory-traversal vulnerability because they fail to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information from the host operating system that could aid in further attacks.
Sahana is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.
Snort is prone to multiple denial-of-service vulnerabilities because the application fails to properly process specially crafted IPv6 packets. Attackers can exploit these issues to crash the affected application, causing denial-of-service conditions. These issues affect Snort 2.8.5; other versions may also be vulnerable. You can reproduce theses two differents bugs easily by using the Python low-level networking lib Scapy (http://www.secdev.org/projects/scapy/files/scapy-latest.zip)
Services By CQR