abc2midi is susceptible to two stack buffer overflow vulnerabilities. These issues occur when the application fails to properly bounds check user-supplied image data before copying it into fixed-size memory buffers. Remote attackers can exploit these vulnerabilities to alter the flow of execution and potentially execute attacker-supplied machine code in the context of the application attempting to read malicious ABC files.
abc2mtex is prone to a buffer overflow vulnerability. This issue is exposed when the program is used to convert ABC music notation files to MTEX format. In particular, the issue is due to insufficient bounds checking of key data in ABC notation files. Since the ABC files may originate from an external or untrusted source, this issue is considered remote in nature. Successful exploitation will result in execution of arbitrary code in the context of the user running the application.
The uml_utilites uml_net application may permit unprivileged malicious local users to shut down the slip network interface. This is due to the program being installed setuid root by default. This vulnerability could be exploited to deny network services over slip on an affected computer.
The asp2php application is prone to a buffer overflow vulnerability when converting an ASP file to PHP. The vulnerability is related to parsing of tokens in ASP files. An attacker can exploit this vulnerability by providing a malicious ASP file, which can lead to the execution of arbitrary code in the context of the user running the application.
The Ringtone Tools application fails to carry out proper boundary checks before copying user-supplied data into sensitive process buffers, leading to a remote buffer overflow vulnerability. An attacker can exploit this by crafting a malicious eMelody file with excessive string data, replacement memory addresses, and executable instructions. If a user processes this file through the application, the attacker's instructions may be executed, potentially compromising the application.
WorkBoard is affected by various cross-site scripting vulnerabilities. These vulnerabilities are caused by a failure to properly sanitize user-supplied URI input. An attacker can create a malicious URI link containing hostile HTML and script code, which, if followed, can lead to the execution of the code in the victim's web browser. This can result in theft of authentication credentials or other attacks.
The Easy Software Products lppasswd utility is prone to a locally exploitable denial-of-service vulnerability. The issue occurs when the program attempts to write a file to the system that will exceed any file size resource limits in place. An unprivileged user with CUPS credentials can set these resource limits and then invoke the application, which will create an empty '/usr/local/etc/cups/passwd.new' file. Subsequent invocations of lppasswd will fail if this file is present. Successful exploitation of this vulnerability will prevent users from changing their CUPS passwords with lppasswd.
html2hdml is prone to a buffer overflow vulnerability. This issue is exposed when converting HTML files to HDML (Handheld Device Markup Language). Since HTML files may originate from an external or untrusted source, this vulnerability is considered remote in nature. Successful exploitation may result in execution of arbitrary code in the context of the user running the application.
o3read is prone to a buffer overflow vulnerability. This issue occurs when the program parses HTML content during file format conversion. It is considered a remote vulnerability as files may originate from an external or untrusted source. Successful exploitation of this vulnerability can lead to code execution with the privileges of the user running the application.
LinPopUp is prone to a remote buffer overflow vulnerability. The application fails to perform proper boundary checks before copying user-supplied data into sensitive process buffers. An attacker can exploit this vulnerability by crafting a malicious message containing excessive string data, replacement memory addresses, and executable instructions, which can lead to unauthorized access to a computer.
Services By CQR