half width software vulnerabilities
vulnerabilities.aspcode.net
Searching half width software vulnerabilities
Remote attackers can crash Lynx and Internet Ex
attackers
|
parameter
|
Internet
|
Explorer
|
Remote
|
width
|
large
|
using
|
crash
|
Lynx
|
can
|
IMG
|
tag
|
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.
Buffer overflows in Sierra Half-Life build 1573
overflows
|
Half-Life
|
Sierra
|
Buffer
|
build
|
Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file.
Format string vulnerability in Sierra Half-Life
vulnerability
|
Half-Life
|
Sierra
|
string
|
Format
|
build
|
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.
Buffer overflow in client for Half-Life 1.1.0.8
Half-Life
|
overflow
|
Buffer
|
client
|
Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command.
admin.cgi in Active Classifieds Free Edition 1.
configuration
|
Classifieds
|
table_width
|
privileges
|
commercial
|
attackers
|
parameter
|
arbitrary
|
versions
|
possibly
|
admincgi
|
Edition
|
execute
|
remote
|
Active
|
allows
|
modify
|
code
|
Free
|
gain
|
Perl
|
via
|
admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter.
AOL Instant Messenger (AIM) 4.7 allows remote a
Messenger
|
Instant
|
AOL
|
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data.
ICQ 2001b Build 3659 allows remote attackers to
Build
|
2001b
|
ICQ
|
ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails.
The Message Session window in Mirabilis ICQ Pro
Mirabilis
|
attackers
|
service
|
Message
|
Session
|
remote
|
allows
|
window
|
denial
|
cause
|
2003a
|
ICQ
|
Pro
|
The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag.
The SV_CheckForDuplicateNames function in Valve
SV_CheckForDuplicateNames
|
Half-Life
|
Dedicated
|
Software
|
function
|
CSTRIKE
|
Server
|
Valve
|
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
The Half-Life engine before July 7 2004 allows
Half-Life
|
before
|
engine
|
July
|
The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet.
Windows Media Player 9 allows remote attackers
containing
|
attackers
|
arbitrary
|
execute
|
Windows
|
Player
|
remote
|
allows
|
large
|
Media
|
file
|
code
|
via
|
PNG
|
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."
asycpict.dll, as used in Microsoft products suc
asycpictdll
|
Microsoft
|
attackers
|
products
|
service
|
allows
|
remote
|
denial
|
Front
|
cause
|
used
|
such
|
Page
|
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
Buffer overflow in aGSM Half-Life client allows
Half-Life
|
overflow
|
service
|
servers
|
remote
|
denial
|
Buffer
|
client
|
allows
|
cause
|
aGSM
|
Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response.
Mozilla 1.6 and possibly other versions allows
attackers
|
versions
|
possibly
|
Mozilla
|
service
|
denial
|
allows
|
remote
|
other
|
cause
|
Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (application crash) via a XBM (X BitMap) file with a large (1) height or (2) width value.
The SV_CheckForDuplicateNames function in Valve
SV_CheckForDuplicateNames
|
authenticated
|
Half-Life
|
Dedicated
|
function
|
Software
|
earlier
|
CSTRIKE
|
service
|
denial
|
remote
|
Server
|
allows
|
Valve
|
users
|
cause
|
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
Unspecified vulnerability in the process_cmdent
process_cmdent
|
vulnerability
|
protection"
|
Unspecified
|
commandcpp
|
overflow
|
function
|
"'other
|
vectors
|
related
|
TinyMUX
|
unknown
|
buffer
|
impact
|
attack
|
before
|
half'
|
lack
|
has
|
Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the "'other half' of buffer overflow protection."
The Cisco Intrusion Prevention System (IPS) and
Prevention
|
Intrusion
|
System
|
Cisco
|
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Check Point Web Intelligence does not properly
Intelligence
|
half-width
|
full-width
|
character
|
encodings
|
detection
|
attackers
|
properly
|
traffic
|
Unicode
|
certain
|
remote
|
handle
|
evade
|
Check
|
Point
|
allow
|
which
|
might
|
HTTP
|
does
|
not
|
Web
|
Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Multiple IBM ISS Proventia Series products, inc
full-width
|
half-width
|
attackers
|
including
|
character
|
encodings
|
Proventia
|
detection
|
Multiple
|
products
|
properly
|
Unicode
|
traffic
|
certain
|
remote
|
handle
|
Series
|
evade
|
allow
|
which
|
might
|
HTTP
|
ISS
|
not
|
IBM
|
Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
BEA WebLogic Server 9.0 through 9.2 allows remo
attackers
|
WebLogic
|
through
|
service
|
denial
|
remote
|
Server
|
allows
|
cause
|
BEA
|
BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket.
Software vulnerabilities results 1 to 20 of 55
Page:
1
2
3
►